Microsoft says ransom-seeking hackers take advantage of server loopholes

WASHINGTON (Reuters) – Ransom-seeking hackers have started to take advantage of a recently exposed flaw in Microsoft’s widely used mail server software, the company said Thursday morning – a severe escalation that could presage a generalized digital disturbance.

The disclosure, initially made on Twitter by Phillip Misner, head of Microsoft Corp’s security program, and then confirmed by the Redmond, Wash., Based company, is an awareness of the concerns that have plagued the security community for days.

Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs started using them to shake organizations down. Internet.

Misner did not immediately respond to follow-up messages, and Microsoft did not return emails requesting further comment. The US Agency for Cybersecurity and Infrastructure Security and the FBI also did not respond immediately.

Although the security holes announced by Microsoft have since been fixed, organizations around the world have failed to patch their software, leaving it open for exploitation. Experts attribute the slow pace of updates for many customers in part to the complexity of Exchange’s architecture and lack of expertise. In Germany alone, officials said up to 60,000 networks remained vulnerable.

All manner of hackers have started to take advantage of the loopholes – a security company recently identified 10 separate hacker groups using the loopholes – but ransomware operators are among the most feared.

These groups work by excluding users from their devices and data unless the victims spit out large chunks of digital currency. They now have potentially access “to a large number of vulnerable systems,” said Brett Callow of cybersecurity firm Emsisoft.

He said smaller companies – many of which lack the capacity or awareness to update their software – could be particularly affected by the latest variant of the ransomware.

“This is a potentially serious risk for small businesses,” he said.