Microsoft has warned that customer email servers are being attacked by a number of groups, not just China, a report by Sky News has revealed.

Last week the tech giant said it was confident that HAFNIUM, a group assessed to be state-sponsored and operating out of China, was responsible for a global hacking campaign that saw multiple threat actors taking advantage of unpatched systems to attack organisations with on-premises Microsoft Exchange servers.

Reports say that researchers are concerned that the tools used by state-sponsored groups to access these servers could be exploited by criminals.

China’s alleged campaign against Microsoft services is believed to have compromised tens of thousands of servers across the world, with the intention of then targeting specific victims, the news organisation said.

The UK’s National Cyber Security Centre (NCSC) today said that Microsoft had released a number of security updates to patch vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019.

“The NCSC recommends that vendor best practice is followed in the mitigation of vulnerabilities, and in this case it is important that customers install the latest updates immediately,” said the centre.

Yesterday the European Banking Authority (EBA) announced that its Microsoft Exchange Servers had been hit by a cyber-attack.

The EBA said that as a precautionary measure, it decided to take its email systems completely offline.

Share Story: