AN IT firm is urging people to update their cyber security after a breach by hackers.
Bondgate IT is urging businesses and organisations using Microsoft’s Exchange email system to urgently update their security following a breach by nation-state hackers.
Last month Microsoft issued multiple security updates after reporting that several of its Exchange servers were at risk of large-scale exploitation of unpatched vulnerabilities.
In the UK, the National Cyber Security Centre (NCSC) has estimated that 7,000 servers have been affected and, according to its latest update, only half have been secured.
Garry Brown, the managing director of Darlington based Bondgate IT, said his concern was that many small businesses may be unaware of the alerts.
He said: “This system is used around the globe, from major corporations to public organisations and small businesses.
“It’s reported that automatic tools are being used to scan Exchange servers to pinpoint those where security updates have not yet been installed. Hackers are then securing access to the compromised servers, allowing them to steal data or launch human-operated ransomware campaigns.”
The vulnerabilities affect the 2013, 2016 and 2019 versions of Microsoft Exchange Server.
The NCSC says that a defence update for Microsoft Exchange Server 2010 has also been released and organisations running an out-of-support version of Exchange Server should immediately update to a supported version.
Exchange Online, part of Microsoft 365, is not affected.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here