Hackers have already claimed at least 11 Belgian victims through a vulnerability in Microsoft Exchange, a popular e-mail server, the Center for Cybersecurity Belgium (CCB) reports. The vulnerability was discovered at the beginning of this month and has since been closed with an update, but many users applied that update too late or not at all, with all the consequences that entails.
Do you have an e-mail account through your work? Then there is a good chance that it runs on Microsoft Exchange, a server application that, among other things, handles an organization's mail traffic and calendars. Exchange is an industry standard.
At the beginning of March, there was blind panic at Microsoft. What had happened? Hackers had found a ‘zero-day exploit’ (a leak or vulnerability that was in the code from the start) and were able to gain access to corporate Exchange servers. That way they could read e-mails undetected. In some cases, they could also install malware through that server to gain access to victims’ computers. In the meantime, Microsoft has closed the leak with several security updates. The problem is that administrators of such servers have applied the updates too slowly or not at all.
In the meantime, the damage has been done and 11 victims have reported to the CCB. Given that very few private individuals run their own e-mail server, these are probably companies and/or public institutions. There have also been victims elsewhere in Europe: the European Banking Authority saw its servers hacked and the Norwegian parliament was also hit. According to Microsoft, discovering and exploiting the leak was the work of a team of hackers acting on behalf of the Chinese government, but yesterday it turned out that at least ten hacker groups are involved.
1,170 companies are in “immense danger”
According to cyber security company Secutec, approximately 1,170 Belgian companies risk being hacked as a result of the leak. This is evident from the company’s own research. The finding was that they still face “a huge risk of being hacked in a very short time”. According to CEO Geert Baudewijns, these are “SMEs, police zones, municipal authorities and even one of the country’s parliaments”.
“Hackers are now massively infiltrating corporate networks now that the ports are still wide open. The next step is that in a few days they will proceed to encrypt the network with encryption software. They do this in order to be able to ask a ransom for those encryption keys afterwards,” says Baudewijns.
Secutec has passed the list of affected companies to the government's Computer Emergency Response Team (CERT). Baudewijns previously stated that Belgian companies pay a ransom of 100 million annually to hackers to recover their systems, and he now expects that figure to double quickly “if this hack continues”. He calls on companies to “take this very seriously and not delay the update any longer”.