Lagos, Nigeria

Hack on Microsoft Exchange still an ‘active threat,’ says US government

Microsoft logoSource: Daniel Rubino / Windows Central

Last week, news emerged that Microsoft’s Exchange email server software was hacked. Microsoft blamed a state-sponsored group out of China, but Beijing has denied any involvement. The company released several security updates to address vulnerabilities, but the hacks remain an “active threat,” according to the U.S. government.

Reuters reports that while Microsoft released a patch that addresses the vulnerability, that any server already compromised by the attack can still be accessed through a “back-door.”

The National Security Council sent a Tweet over the weekend regarding the attack that states:

Patching and mitigation is not remediation if the servers have already been compromised. It is essential that any organization with a vulnerable server take immediate measures to determine if they were already targeted.

A White House official told Reuters that “This is an active threat still developing and we urge network operators to take it very seriously.” According to a source that spoke with Reuters, more than 20,000 organizations had been compromised by the hack as of March 7, 2021.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

Top U.S. security officials are working to decide the next steps, according to a White House official that spoke with Reuters.

Organizations that have already been compromised could include credit unions, local government offices, and small businesses. Reuters states that the situation has “left U.S. officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency.”

A Microsoft representative told Reuters that the company is working with the U.S. government and others to help customers. The company also urged impacted clients to apply the software updates that it has rolled out as soon as possible.

A source told Reuters that only a small percentage of networks have been compromised through the back-door vulnerability, but that more attacks are expected.

This post was written by Sean Endicott and was first posted to WindowsCentral

Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.

Tags: ,

%d bloggers like this: