Friday, November 15, 2024
spot_img

Hackers hit 32 Indian firms via Microsoft email servers

Date:

Share post:

spot_img
spot_img

New Delhi, March 15 : At least 32 Indian organizations have been attacked by hackers who exploited vulnerabilities in unpatched Microsoft business email servers, a new report warned on Monday, adding that the finance and banking institutions have been hit the most in the country.
The finance and banking institutions (28 per cent) in India are followed by government military organizations (16 per cent), manufacturing (12.5 per cent),
insurance legal (9.5 per cent) and others (34 per cent), according to Check Point Research.
Overall, the hacking attempts on organizations using the services of those unpatched on-premises servers have multiplied by more than six times (or tripled) in the past 72 hours.
The country most attacked was the US (21 per cent of all exploit attempts), followed by The Netherlands (12 per cent) and Turkey (12 per cent), along with India.
Most targeted industry sector has been government/military (27 per cent of all exploit attempts), followed by manufacturing (22 per cent), and then software vendors (9 per cent), the researchers noted.
“A full race has started among hackers and security professionals. Global experts are using massive preventative efforts to combat hackers who are working day-in and day-out to produce an exploit that can successfully leverage the remote code execution vulnerabilities in Microsoft Exchange,” said the researchers from the cyber security firm.
Amid reports indicating that about five different hacking groups are attacking the business email servers of Microsoft, the tech giant has also detected a new family of ransomware.
Named as ‘DearCry,’ the new ransomware is “being used after an initial compromise of unpatched on-premises Exchange Servers,” Microsoft said in a tweet last week. It uses the same four vulnerabilities that Microsoft linked to a new China-backed hacking group called “Hafnium”.
On March 3, Microsoft released an emergency patch for its Exchange Server product, the most popular mail server worldwide. All incoming and outgoing emails, calendar invitations and virtually anything accessed within Outlook goes through the Exchange server.
Orange Tsai from DEVCORE, a security firm based in Taiwan, reported two vulnerabilities in January.
Unaware of the full magnitude of these findings, Microsoft was prompted to further investigate their Exchange server. The investigation uncovered five more critical vulnerabilities.
The vulnerabilities allow an attacker to read emails from an Exchange server without authentication or accessing an individual’s email account.
Further vulnerability chaining enables attackers to completely take over the mail server itself.
“If your organisation’s Microsoft Exchange server is exposed to the internet, and if it has not been updated with the latest patches, nor protected by a third party software, then you should assume the server is completely compromised,” warned Lotem Finkelsteen, Manager of Threat Intelligence, Check Point Software.
Right now, the purpose of the attack and what cybercriminals wanted within the network is still unknown.(IANS)

spot_img
spot_img

Related articles

Janjatiya Gaurav Diwas: An account of PM Modi’s close experiences with tribal communities

New Delhi, Nov 15: Prime Minister Narendra Modi on Friday paid tributes to Bhagwan Birsa Munda on his...

Who was Birsa Munda, whose ‘Ulgulan’ declared the end of British rule in Jharkhand?

Ranchi, Nov 15: Girded by forests and hills, Ulihatu village in Jharkhand's Khunti district, 66 km from state...

Indian economy to touch $7 trillion mark by 2031: Report

New Delhi, Nov 15: The Indian economy is expected to clock a medium-term growth of 6.7 per cent...

Prez Murmu pays tribute to Bhagwan Birsa Munda on Janjatiya Gaurav Divas

New Delhi, Nov 15: President Droupadi Murmu on Friday paid floral tributes to Bhagwan Birsa Munda at Parliament...