WASHINGTON (Reuters) – Hackers in search of ransom have begun to take advantage of a recently reported flaw in Microsoft’s widely used email server software, the company said on Thursday – a serious escalation that could herald a widespread digital disruption .
The disclosure, initially made on Twitter by Microsoft Corp’s security program manager, Phillip Misner, and later confirmed by the Redmond, Washington-based company, is the perception of concerns that have been roaming the security community for days.
Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs started using them to bring down organizations on the Internet.
Misner did not immediately respond to follow-up messages and Microsoft did not return emails requesting further comments. The United States Cybersecurity and Infrastructure Agency and the FBI also did not respond immediately.
Even though the security flaws announced by Microsoft have been fixed, organizations around the world have failed to fix their software, leaving it open to exploitation. Experts attribute the slow pace of updates for many customers in part to the complexity of the Exchange architecture and lack of experience. In Germany alone, officials said that up to 60,000 networks remained vulnerable.
All types of hackers have started to take advantage of the loopholes – a security company recently had 10 separate hacker groups using the flaws – but ransomware operators are among the most feared.
These groups work by blocking users of their devices and data, unless victims disburse large amounts of digital currency. They now have potentially access to “a large number of vulnerable systems,” said Brett Callow of cybersecurity company Emsisoft.
He said that more modest companies – many of which lack the capacity or awareness to update their software – may be particularly affected by the latest variant of ransomware.
“This is a potentially serious risk for small businesses,” he said.
Raphael Satter reporting; edition of Gerry Doyle and Jonathan Oatis