Because of a security gap that became known a few days ago, according to US media reports, tens of thousands of email servers belonging to companies, government agencies and educational institutions have fallen victim to hacker attacks. There has been a security update for the vulnerability in Microsoft’s Exchange Server software since last Wednesday.
But it has to be installed by the customer. On Friday, the German Federal Office for Information Security (BSI) warned thousands of German companies to fill the gap quickly.
The information on the number of people affected varied widely in the reports. Worldwide there could be more than 250,000 victims, wrote the “Wall Street Journal” at the weekend, citing an informed person. A former US official familiar with the investigation told Bloomberg financial services that they knew of at least 60,000 affected e-mail servers. The well-connected IT security specialist Brian Krebs and the computer magazine “Wired” reported 30,000 hacked e-mail systems in the USA alone.
“In an international comparison, German companies are particularly hard hit by this Microsoft Exchange gap,” said Rüdiger Trost from the IT security company F-Secure on Sunday. “The reason: German companies fear the cloud and therefore often operate services such as Exchange locally.”
Microsoft warned on Wednesday that the four previously not publicly known security holes are being exploited by alleged Chinese hackers. The hacking group, which Microsoft calls “Hafnium”, wanted to use the vulnerabilities primarily to access information in the USA. The goals were, among other things, research on infectious diseases as well as universities, law firms and companies with defense contracts. The attacks were targeted and Microsoft had no evidence that private customers were also attacked. According to the reports, however, unsecured systems have been attacked on a broad front since the vulnerabilities were announced.
According to Microsoft, the 2013, 2016 and 2019 Exchange server versions are affected. Exchange is used by many companies, authorities and educational institutions as an e-mail platform. In the event of a successful attack via the vulnerabilities, it is possible to access data from the e-mail system. Microsoft has been made aware of the security gaps by IT security researchers.