News: Microsoft says ransom-seeking hackers taking advantage of server flaws.
WASHINGTON (Reuters) – Ransom hackers have begun to exploit a recently revealed flaw in Microsoft’s widespread mail server software, the company said early Thursday – a serious escalation that could indicate a widespread digital disruption.
The disclosure was initially made on Twitter Microsoft Corp security program manager Phillip Misner, who was later sustained by the Redmond, Washington-based company, is the realization of concerns that have been rising in the security community for days.
Since March 2nd, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before gangs of ransomware began to take down businesses on the Internet.
Misner did not immediately respond to follow-up messages and Microsoft did not return emails requesting further comments. The US Cybersecurity and Infrastructure Security Agency and the FBI also did not respond immediately.
Although the security holes announced by Microsoft have now been fixed, companies around the world have not been able to patch their software so that it is open for use. Experts attribute the slow pace of many customers’ updates in part to the complexity of the Exchange architecture and lack of expertise. According to official information, up to 60,000 networks are at risk in Germany alone.
All types of hackers have started to exploit the loopholes – a security firm recently counted 10 separate hacking groups taking advantage of the bugs – but ransomware operators are among the most feared.
These groups lock users out of their devices and data unless the victims spit out large chunks of the digital currency. You may now have access to “a large number of vulnerable systems,” said Brett Callow of cybersecurity firm Emsisoft.
He said more humble companies – many of whom are unable or unable to update their software – could be particularly hard hit by the latest variant of the ransomware.
“This is a potentially serious risk for small businesses,” he said.
Reporting by Raphael Satter; Adaptation by Gerry Doyle and Jonathan Oatis
Original Source © Reuters