London, UK (CU) _Officials claim that over 3,000 UK email servers are already vulnerable to the global Microsoft Exchange email flaw. According to the National Cyber Security Centre, the bug affected 7,000 servers in the UK, with just half of them being recovered.
Malignant software was discovered in 2,300 computers, but the organization said it had supported businesses to eliminate it. The agency urged all affected companies to take measures to protect their email servers. Since the discovery of the global security vulnerability last week, it was for the first time the announcement exposes the complexity of the issue among UK businesses.
The NCSC said that ransomware groups used the bug to install their malicious programs, but so far no proof of a widespread ransomware attack on UK businesses has been found. Ransomware encrypts a user’s data and makes the operating device unusable after it has been mounted. The group then requests money in order to access it, and if their demands are not fulfilled, the data will be stolen or removed.
The security bug affects Microsoft’s commonly used Exchange email system, which is used by large companies, small businesses, and government agencies around the world. According to the NCSC, small and medium-sized companies need to be prioritized in this issue, because they may not be aware of the issue. A hacker group initially used the bug to gain remote access to email servers, from which it could steal confidential data.
However, after Microsoft revealed that it had found the vulnerability, it encouraged the users to download the new security software, and other hacking groups soon became familiar with the flaw. As a result, a widespread free-for-all has ensued, with numerous hacking groups attempting to target unpatched email servers.
Paul Chichester, NCSC’s director for operations stated, “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organizations take immediate steps to protect their networks. While this work is ongoing, the most important action is to install the latest Microsoft updates.”
He also recommended all companies to become familiar with the processes regarding ransomware attacks, as well as look for any signs that their networks have already been hacked. The real complexity of the issue is still arising, with thousands of systems at risk in the UK alone. However, the ultimate impact is still not known.
Although many systems still remain vulnerable and thousands have mounted with malicious software, the number of instances where we know this was used to steal emails or lock people out with ransomware is still small. With more information coming in, this could change in the coming days. It is obvious is that many hacker groups have used the flaw, and those on the defensive side are expected to be busy for some time in the coming days.
