UK officials have urged companies to update their email servers amid fears of widespread hacks.
Last week, Microsoft said that it had found major vulnerabilities in its Exchange Server tools, which is used to run email and calendars for many large companies.
Those vulnerailities were already being exploited, it said. Since then it has emerged that such attacks could be widespread, with a range of hackers making use of the security flaw.
Microsoft has since issued updates intended to fix them, but companies are only safe if they have applied those updates.
The National Cyber Security Centre (NCSC) advised companies to ensure they had installed those updates and that they should familiarise themselves with its advice on ransomware and other threats that may follow any attacks.
In a tweet, Microsoft Security Intelligence confirmed that it was already seeing “a new family of ransomware” that was being used on Exchange Servers that had not yet had the critical security updates installed on them.
Ransomware infects a system and stops it working as normal, encrypting data so that files cannot be accessed until fee – or ransom – is paid to decrypt them and get them back. As such, an attack can immediately cause untold damage to any company or organisation that relies on its computer systems.
The NCSC also advised people to ensure that they search their systems for evidence that they had been compromised. Its official advice notes that institutions should do so whether or not they updated quickly, because they might have been successfully attacked before the update was installed, and the update does not fix a system that has already been compromised.
“We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks,” said Paul Chichester, director of operations at the National Cyber Security Centre.
“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.
“Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”
The flaws affect the 2013, 2016 and 2019 versions of Microsoft Exchange Server. They do not affect Exchange Online, the service which is offered as part of Microsoft’s online 365 tool.
It pointed organisations to its advice on dealing with ransomware and other malware attacks.
Join our new commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies