Featured

Published on March 10th, 2021 📆 | 3616 Views ⚑

0

Australian corporations hit by massive Microsoft Server hack


Text to Speech

Australia's cyber security watchdog has urgently warned Aussie corporations using Microsoft Exchange products to urgently patch their software after it was compromised by hackers.

Microsoft Exchange Server holds millions of corporate emails, calendars and rostering products and if hacked entire email inboxes could be wiped as well as stolen.

The Australian Signals Directorate's Australian Cyber Security Centre (ACSC) today confirmed Australian organisations – thought to be over 7000 servers locally - had been affected by the hack.

The hack has affected Microsoft Exchange Server around the globe. (AP)

Ladislav Zezula, Malware Analyst at antivirus provider Avast, said the hack could be potentially very damaging for corporations.

"There is a vulnerability in Microsoft Exchange email and calendar server causing potential threat for businesses using the solution," Mr Zezula said.

"When exploited by cyberattackers, this vulnerability can lead to wiping the computer, installation of ransomware or backdoors, stealing all email addresses and messages as well as spreading to the entire company's network."

The US believes the hack has links to China. (Getty)

Mr Zezula explained that this was not an attack on individuals but rather large corporations and public institutions.





"Running the malicious code under the SYSTEM account, the attacker can completely take over the computer," Mr Zezula said.

"Possible collateral moves are wiping the machine, installation of ransomware, installation of backdoors, stealing all e-mail addresses and e-mail messages."

vpnMentor cybersecurity researchers claim they found an unsecured server shared by several VPNs (file photo).
The hack not an attack on individuals but rather large corporations and public institutions. (iStock)

He explains that hackers could leave no trace of their involvement, but instead install "back doors" which would allow them to enter remotely at any time.

"Because an Exchange Server is often the heart of the e-mail communication in a company, this would effectively cripple the company's communication, as well as reveal their internal intellectual properties," Mr Zezula said.

"Furthermore, the attackers can actually move laterally through the network.

"This could lead to all kinds of attacks, such as a full ransomware attack against all computers in the network and massive data leaks."

Source link

Tagged with:



Comments are closed.






© Torchsec  Privacy Policy Disclaimer  T&C



Back to Top ↑