WASHINGTON (Reuters) – Redemption-seeking hackers have begun to take advantage of a recent error in Microsoft’s widely used mail server software, the company said early Thursday – a serious escalation that could predict a digital outage on the scale wide.
The disclosure, originally made on Twitter by Microsoft Corp. security program manager Phillip Misner and later confirmed by the Redmond, Washington-based company, is a realization of concerns that have been circulating in the security community for several days.
As of March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts warned that it was only a matter of time before ransomware gangs began using them to shake up organizations on the Internet.
Misner did not immediately respond to follow-up messages, and Microsoft did not return emails requesting additional comments. The US Cyber Security and Infrastructure Agency and the FBI also did not respond immediately.
Even though the security holes announced by Microsoft have been fixed since then, organizations around the world have failed to correct their software, leaving them open for exploitation. Experts attribute the slow pace of updates to many customers, in part, to the complexity of the Exchange architecture and the lack of expertise. In Germany alone, officials said up to 60,000 networks remained vulnerable.
All sorts of hackers have started taking advantage of the holes – a security firm recently counted 10 separate hacking groups using the flaws – but ransomware operators are among the most feared.
These groups work by blocking users from their devices and data, unless the victims cough up large chunks of digital currency. I can now access “a large number of vulnerable systems,” said Brett Callow of cybersecurity company Emsisoft.
He said that more modest companies – many of which do not have the capacity or awareness to update their software – could be particularly affected by the latest version of ransomware.
“This is a potentially serious risk for small businesses,” he said.
Reporting by Raphael Satter; edited by Gerry Doyle and Jonathan Oatis