Hackers exploiting Microsoft Exchange servers hit 32 indian organisations: Check Point Research
The finance and banking sector was the worst affected by these hits, the Check Point Research report revealed.
According to a report by Check Point Research, a total of 32 organisations in India were hit by hackers who exploited vulnerabilities in Microsoft Exchange servers. The report also mentions that the finance and the banking sector was the worst affected with 28% of the hacks being targeted at it, followed by government and military (16%), manufacturing (12.5%), insurance and legal (9.5%). All other industries constituted the remaining 34%.
Check Point Research report was shared on March 15 and the company also mentioned that hacking attempts across organisations increased ten fold, from 700 to 7,200, between March 11 and March 15.
Globally, the most attacked country was the United States facing 17% of the attacks, followed by Germany with 6%, United Kingdom with 5%, Netherlands with 5%, Russia with 4% and the remaining 63% covered all the other countries. United States was also the only country to score double digits on this list.
The government and military sector was the most affected industry globally facing 23% of all attacks.
As per the report, healthcare constituted for only 6% of all attacks globally despite the ongoing Covid-19 pandemic affecting people and organisations across the world.
Microsoft released an emergency patch on March 3 to deal with hackers and bolster security on the main server through which anything on Outlook can be accessed including all emails and calendar invitations.
Just earlier this year, a Taiwanese security company called Devcore reported two vulnerabilities in Microsoft. When the company investigated these, they uncovered five more vulnerabilities out of which four were zero-day vulnerabilities. By the time the investigation was completed, the attacker had already gained access to emails and/or an user's email account without any authentication.
This vulnerability chaining also enabled the attacker to take over mails altogether. Once this was accomplished, the hacker could open the network up and access it remotely. This made it a major threat to millions of organisations globally.
“If your organisation's Microsoft Exchange server is exposed to the internet, and if it has not been updated with the latest patches, nor protected by a third party software, then you should assume the server is completely compromised,” Lotem Finkelsteen, Manager Threat Intelligence at Check Point Software, said in the report.