500 Email servers in the UK are said to be affected by what Microsoft thinks is a Chinese state-sponsored attack, meaning the Chinese government funded the attackers that carried out the attack.
The attack was first announced by Microsoft on the 2nd of March where they said the group that carried the attack out used ‘never before seen hacking techniques’. Once the attack had been carried out, it allows attackers to steal or spy on emails or launch more advanced attacks using what is called a ‘Webshell’, a webshell is a piece of computer code that acts as a backdoor into a network, giving attackers a foothold into critical systems like Exchange’s email servers.
Microsoft was quick to release a hotfix for the bugs that allowed the attack to happen and urged people to install them to protect themselves. But some reports are saying it could have already affected over 10,000 organizations across 115 countries.
CyberGuard Technologies said: “It’s widespread and very much a case of hackers hosing their attacks at as many targets as they can before companies can secure their systems.” And have warned of a second wave of mass ransomware attacks as a result of the webshells being used.
The patches Microsoft released were included in this month’s ‘patch Tuesday’ on the 9th of March 2021, if you have not installed these just yet you can do so by searching ‘Windows update’ at the bottom of your desktop and completing the updates.
Cyber Wise recommends that you stay vigilant and keep on top of all updates and report any suspicious email activity to the appropriate people. This will minimise the damage caused if it can be caught early, if allowed to spread, the damage could be devastating. If you want to read more about ransomware and learn about how it can be damaging to your business, click here