Businesses in the UK have been warned to install a security patch as a matter of urgency by the country’s cyber experts, amid concerns that thousands of email servers could be vulnerable.
The National Cyber Security Centre (NCSC) has redoubled guidance about a Microsoft Exchange Server issue, which could be highly damaging if exploited by hackers.
Microsoft Exchange Server is used by firms across the globe for managing email and calendars.
An alert was first published by the information security arm of GCHQ on March 3, urging firms to install the latest update for 2013, 2016 and 2019 editions of Microsoft Exchange Server immediately.
It is believed between 7,000 and 8,000 exchange servers could be vulnerable, but only half of them are thought to be currently patched.
Update for organisations on Microsoft Exchange Server vulnerabilities https://t.co/1FSYNgPUOF pic.twitter.com/swXP96Gc9S
— NCSC UK (@NCSC) March 12, 2021
All organisations are advised to proactively search systems for evidence of compromise in case they have already been affected.
Microsoft believes a highly skilled and sophisticated actor, dubbed Hafnium, is behind the campaign, and is backed by China’s government.
At present, there have been no reported cases of the vulnerability being used to attack businesses in the UK, but the NCSC fears small business in particular could be hit if advice is missed.
Paul Chichester, NCSC director for operations, said: “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.
“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.
“Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”
