WASHINGTON (Reuters) – Hackers seeking ransom have begun to take advantage of a recently revealed flaw in Microsoft’s widely used mail server software, the company said early Thursday – a serious escalation that could predict widespread digital disruption.
The disclosure, initially made on Twitter by Phillip Misner, the manager of Microsoft Corp’s security program and later confirmed by the Redmond, Washington-based company, is the realization of the concerns that have been troubling the security community for days.
Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs started using them to take down organizations on the Internet.
Misner did not immediately respond to follow-up messages, and Microsoft did not return emails requesting further comment. The U.S. Cybersecurity and Infrastructure Security Agency and the FBI also did not immediately respond.
While the vulnerabilities announced by Microsoft have since been fixed, organizations around the world have failed to patch their software, leaving them open to exploitation. Experts attribute the slow pace of many customers’ updates in part to the complexity of Exchange’s architecture and lack of expertise. In Germany alone, officials have said that up to 60,000 networks remained vulnerable.
Hackers of all kinds are starting to exploit the holes – a security firm recently counted 10 separate hacking groups using the flaws – but ransomware operators are among the most feared.
Those groups work by denying users access to their devices and data unless the victims cough up large amounts of digital currency. They may now have access to “a large number of vulnerable systems,” said Brett Callow of cybersecurity firm Emsisoft.
He said more humble companies – many of which lack the ability or the awareness to update their software – could be particularly affected by the latest variant of ransomware.
“This is a potentially serious risk for small businesses,” he said.
Reporting by Raphael Satter; edited by Gerry Doyle and Jonathan Oatis