Major cyberattack on Microsoft email accounts: According to insiders, tens of thousands of businesses, government agencies and schools in the United States have been affected. This is reported by several US media. The attackers have therefore exploited a security gap in the “Exchange” e-mail service of the Microsoft software company.
According to US cybersecurity expert Brian Krebs, e-mails were stolen and computers were infected with programs that allow remote control. White House spokeswoman Jennifer Psaki spoke of a “current threat.” Everyone who uses these servers must act now. Many small businesses, city administrations and regional governments are affected.
Microsoft blames a Chinese hacker group called “Hafnium” for the attacks. The US company published a security update on Tuesday. However, this has only been installed by around ten percent of users so far.
Top jobs of the day
be notified by email.
According to information from the IT service provider Shodan, tens of thousands of Exchange servers in Germany can be attacked via the Internet and there is a high probability that they are already infected with malware. “Organizations of all sizes are affected,” said the BSI.
Tens of thousands of Exchange servers in 🇩🇪 are noisy @shodanhq attackable via the internet and probably already infected. Organizations of all sizes are affected. The BSI has started to inform those potentially affected. Info here: 🔗https: //t.co/BQbx7eQC0l GermanyDigitalSicherBSI pic.twitter.com/QAozsNRYkA
– BSI (@BSI_Bund) March 5, 2021
According to its own statements, the authority has started to inform those potentially affected. The BSI recommends that all operators of affected Exchange servers immediately apply the patches provided by Microsoft. The security updates for the “Exchange Server” product have closed four vulnerabilities. “These are currently being actively exploited by a group of attackers,” explained the BSI.
BSI President Schönbohm: “The situation is serious”
They could be exploited remotely from the Internet. It is also conceivable that “more far-reaching attacks” with the rights of an assumed Exchange server can potentially compromise the entire domain with little effort. “Systems that have not yet been patched should be assumed to have been compromised.” The agency currently rates the risk of attack as very high.
The BSI is concerned that thousands of systems still had vulnerabilities that have been known for over a year and have not yet been fixed with a security update. Small and medium-sized companies in particular could be affected by this. “In addition to access to the e-mail communication of the respective company, attackers can often gain access to the entire company network via such vulnerable server systems.”
According to the BSI, more than 9,000 companies are affected. “The actual number of vulnerable systems in Germany is likely to be significantly higher,” added the authority.
BSI President Arne Schönbohm said to “Zeit Online”: “The situation is serious. We have thousands of open systems in Germany that have not been secured and are still open to attackers. ”If this is not already done, data and know-how could flow away, and production plants could come to a standstill.
More: Teams instead of Windows: How Microsoft wants to make itself indispensable in the future
[ source link ]
Tens thousands Microsoft customers believed hit hacker attack