Published in News

Germany badly hit by Microsoft flaw

by on11 March 2021


60,000 systems

More than 60,000 computer systems in Germany were exposed to a flaw that allows unauthorised users to access systems in Microsoft's email software, the head of its cybersecurity watchdog said on Wednesday.

More than half of Exchange servers were fixed, after the Federal Office for Information Security's (BSI) warning and Microsoft's patch issue.

However more than 25,000 systems still need to be fixed, BSI chief Arne Schoenbohm said.

"The warning has worked. In Germany, many Exchange servers have been secured by downloading patches. Every vulnerable system is one too many and can lead to harm."

In a 14-page report on the Microsoft vulnerability, the BSI said hackers' behaviour exploiting it had changed since it was publicly revealed.

Initially, most targets had been think tanks, universities, non-governmental organisations, law firms and defence companies - mostly in the United States.

"Now, these exploits are being deployed at mass scale against thousands of targets - apparently worldwide", the report said.

According to researchers at cybersecurity company ESET, at least ten different hacking groups were using the latest flaw in Microsoft's mail server software to break into targets around the world. In Germany, two federal authorities were affected by the hack, the BSI said, declining to say which.

 

Last modified on 11 March 2021
Rate this item
(0 votes)

Read more about: