Bondgate IT is urging businesses and organisations using Microsoft’s Exchange email system to urgently update their security following a breach by nation-state hackers.

Last month the US technology giant issued multiple security updates after reporting that several of its Exchange servers were at risk of large-scale exploitation of unpatched vulnerabilities.

In the UK, the National Cyber Security Centre (NCSC) has estimated that 7,000 servers have been affected and, according to its latest update, only half have been secured.

Garry Brown, the managing director of Darlington-based Bondgate IT, said his concern was that many small businesses may be unaware of the alerts.

He said: “This system is used around the globe, from major corporations to public organisations and small businesses.

“It’s reported that automatic tools are being used to scan Exchange servers to pinpoint those where security updates have not yet been installed. Hackers are then securing access to the compromised servers, allowing them to steal data or launch human-operated ransomware campaigns.”

The vulnerabilities affect the 2013, 2016 and 2019 versions of Microsoft Exchange Server.

The NCSC says that a defence update for Microsoft Exchange Server 2010 has also been released and organisations running an out-of-support version of Exchange Server should immediately update to a supported version. Exchange Online, part of Microsoft 365, is not affected.

Garry added: “Any organisation which suspects they are using vulnerable versions of the Microsoft Exchange Server should go directly to Microsoft’s website for its security updates and further support.

“However, this highlights just how sophisticated cyber-attacks can be, and that operating updated systems is essential to protecting a business.

“While multi-factor authentication and encryption still present major barriers to hackers, there is no complete defence to protecting against zero-day malware exploits.

“Adopting a multi-layered approach to security is the best approach, with each layer presenting several mitigations. This should be used in conjunction with a robust and reactive IT security strategy that reduces the risk and limits any potential damage should the worst happen.”