NCSC warns businesses to update mail exchange server ‘as a matter of urgency’

12 March 2021, 17:24

Person using a laptop
NCSC warns businesses to update mail exchange server as a matter of urgency. Picture: PA

Vulnerability in Microsoft Exchange Server, used by companies across the world, first came to light last week.

Businesses in the UK have been warned to install a security patch as a matter of urgency by the country’s cyber experts, amid concerns that thousands of email servers could be vulnerable.

The National Cyber Security Centre (NCSC) has redoubled guidance about a Microsoft Exchange Server issue, which could be highly damaging if exploited by hackers.

Microsoft Exchange Server is used by firms across the globe for managing email and calendars.

An alert was first published by the information security arm of GCHQ on March 3, urging firms to install the latest update for 2013, 2016 and 2019 editions of Microsoft Exchange Server immediately.

It is believed between 7,000 and 8,000 exchange servers could be vulnerable, but only half of them are thought to be currently patched.

All organisations are advised to proactively search systems for evidence of compromise in case they have already been affected.

Microsoft believes a highly skilled and sophisticated actor, dubbed Hafnium, is behind the campaign, and is backed by China’s government.

At present, there have been no reported cases of the vulnerability being used to attack businesses in the UK, but the NCSC fears small business in particular could be hit if advice is missed.

Paul Chichester, NCSC director for operations, said: “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.

“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.

“Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”

By Press Association

More Technology News

See more More Technology News

TikTok on a smartphone

TikTok to begin appeal against possible US ban

The Darktrace wesbite

Darktrace set to leave London Stock Exchange at end of September

An unidentified hacker in dark hoodie performing at a comupter

UK convenes nations for talks on global cybersecurity

Icons of social media apps, including Facebook, Instagram, YouTube and WhatsApp, are displayed on a mobile phone screen

Meta to begin training AI on public posts from UK Facebook and Instagram users

JLR Rover the Boston Dynamics robot dog (JLR/PA)

JLR’s new ‘Rover’ is a robotic dog employed to protect brand’s EV facility

The logo and name of the technology company OpenAI on a smarthpone

OpenAI unveils new models designed to think more before answering

A person looking at a mobile phone whose screen has been blurred

Government strengthens Online Safety Act to crack down on revenge porn

Vodafone and Three logos

Vodafone and Three merger could increase phone bills for millions, watchdog says

A mobile phone mast being photographed by a mobile phone

6G network at least a decade away, expert says

A sign for the London underground in central London.

Teenager arrested over Transport for London cyber attack

Cyber security

BT ‘logs 2,000 signals of potential cyber attacks every second’

ChatGPT website with pink lettering displayed on a screen

OpenAI in talks to raise funds at £115bn valuation – reports

Person typing on a laptop

UK data centres to be designated as ‘critical infrastructure’

A plaque outside the offices of the Data Protection Commission in Dublin

Irish watchdog launches probe into Google’s AI model

The technology giant said the growth of cloud computing and artificial intelligence was key to the increasing investment (Niall Carson/PA)

Amazon Web Services ‘to invest £8bn in UK over next five years’

The hands of a person on a laptop keyboard

Most people have no plan for digital assets upon death, Which? warns

More Tech News

See more More Tech News

Pupils eating lunch

Data watchdog reprimands school over facial recognition for canteen payments

Elon Musk laughs

Elon Musk: Tesla will begin using humanoid robots next year

A laptop user looking at an option page in the Google Chrome internet browser allowing users to clear their online browsing data

Google ditches plans to remove third-party cookies in Chrome

Passengers queue outside Stansted airport in Essex

What are air passengers entitled to during IT outage flight disruption?

A payslip

Payroll software halted by global IT outage, say businesses

A cash only sign on the window of a Cambridge shoe shop

Shops report not being able to take card payments amid IT outage

Latest UK News

See more Latest UK News

Tins of Heinz Baked Beans on a supermarket shelf in London, England, UK

Has Bean: Fans devastated as Heinz confirms beloved product has been discontinued

Nurse Found Guilty Of Murdering Seven Babies At Countess Of Chester Hospital

Mum of baby murdered by Lucy Letby 'kept in the dark' about circumstance of son's death by hospital - as she demands apology
David Aston

Author and wife could be banned from their own £500k home after stalking neighbours

London, UK. 10th February, 2016. Junior doctors march on Parliment © Ian Davidson/Alamy Live News Credit: Ian Davidson/Alamy Live News

Junior doctors in England vote to accept government pay deal worth 22.3% after two-year dispute
Giorgia Meloni - Keir Starmer meeting in Rome

Keir Starmer praises 'remarkable progress' made by Italian PM Giorgia Meloni in tackling migration
Nato chief says up to 'individual allies to make decision' over allowing Ukraine to use long-range missiles inside Russia

Nato chief says up to 'individual allies to make decision' on allowing Ukraine to use long-range missiles inside Russia

More Topics

See more More Topics

War in Ukraine

Cost of Living Crisis

UK Strikes

Immigration

Crime & Police

London

NHS

Brexit