SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Hackers target Microsoft email server vulnerabilities
Wed, 25th Aug 2021
FYI, this story is more than a year old

Urgency and clarity are amongst the most important actions when it comes to signalling the need for software updates, according to CybSafe chief executive officer Oz Alashe.

The comments follow reports that hackers are targeting Microsoft email servers, with more than 50% of exchange servers in the UK not being adequately updated following the exposure of vulnerabilities.

According to reports, hackers are targeting Microsoft email servers after a series of vulnerabilities were detailed at a computer security conference for BlackHat earlier this month.

Among the servers still vulnerable to attack are several on the British government's gov.uk domain as well as the police.uk domain used by forces in England, Wales and Northern Ireland.

Several researchers and organisations have since reported the infiltration of vulnerable servers by cyber criminals, who have used security gaps to deploy ransomware.

CybSafe chief executive officer Oz Alashe commented on the importance of urgency and clarity when it comes to signalling the need for software updates, and the consequences if this is not properly carried out.

"The lack of remediation action following the exposure of these vulnerabilities needs to be a lesson in the importance of messaging and vigilant security behaviours," he says.

"These gaps in our defences will always emerge, but what matters is the speed and clarity of the response. Any ambiguity can lead to vital software updates not being deployed, and leave organisations exposed to malicious actors and ransomware attacks."

Alashe says with gov.uk and the police.uk among the domains still without the necessary Microsoft email server update, the consequences of not addressing these vulnerabilities are clear.

"Keeping software updated is a simple yet highly effective way we can reduce our cyber risk, and organisations need to ensure they convey its importance with speed and clarity," he says.

In response to the discovery, the UK's National Cyber Security Centre (NCSC) told Sky News: “We are aware of ongoing global activity targeting previously disclosed vulnerabilities in Microsoft Exchange servers.

“At this stage, we have not seen evidence of UK organisations being compromised, but we continue to monitor for impact.

“The NCSC urges all organisations to install the latest security updates to protect themselves and to report any suspected compromises via our website.

A Microsoft spokesperson has said: “Customers who have applied the latest updates are already protected against these vulnerabilities.

According to Sky News, Kevin Beaumont, a security researcher who formerly worked for Microsoft, criticised the company for what he termed "knowingly awful" messaging to get customers to update their software.