Advertisement
UK markets closed

  • FTSE 100

    7,895.85
    +18.80 (+0.24%)
     

  • FTSE 250

    19,391.30
    -59.37 (-0.31%)
     

  • AIM

    745.67
    +0.38 (+0.05%)
     

  • GBP/EUR

    1.1607
    -0.0076 (-0.65%)
     

  • GBP/USD

    1.2370
    -0.0068 (-0.55%)
     

  • Bitcoin GBP

    51,956.27
    +409.26 (+0.79%)
     

  • CMC Crypto 200

    1,334.09
    +21.47 (+1.59%)
     

  • S&P 500

    4,967.23
    -43.89 (-0.88%)
     

  • DOW

    37,986.40
    +211.02 (+0.56%)
     

  • CRUDE OIL

    83.24
    +0.51 (+0.62%)
     

  • GOLD FUTURES

    2,406.70
    +8.70 (+0.36%)
     

  • NIKKEI 225

    37,068.35
    -1,011.35 (-2.66%)
     

  • HANG SENG

    16,224.14
    -161.73 (-0.99%)
     

  • DAX

    17,737.36
    -100.04 (-0.56%)
     

  • CAC 40

    8,022.41
    -0.85 (-0.01%)
     
Property:

11 beautiful homes with glorious garden rooms

Investing in a home with a garden room will enable you to enjoy your outside space whatever the weather

UK companies urged to update security after Microsoft hack

LaToya Harding
·Business Reporter, Yahoo Finance UK
·2-min read
Silhouettes of laptop and mobile device users are seen next to a screen projection of Microsoft logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration
Companies have been told to install the latest Microsoft Exchange Server updates after earlier this week some 30,000 businesses in the US, and hundreds of thousands elsewhere, were attacked. Photo: Reuters/Dado Ruvic/Illustration (Dado Ruvic / reuters)

Security officials in the UK have warned organisations to update their security after hackers used flaws in Microsoft’s (MSFT) software to gain access to computers around the world.

Companies have been told to install the latest Microsoft Exchange Server updates after earlier this week some 30,000 businesses in the US, and hundreds of thousands elsewhere, were attacked.

A Chinese-sponsored hacker group dubbed Hafnium exploited vulnerabilities in Microsoft Exchange, leaving behind “web shells” that allowed cyber criminals to access victims’ systems remotely. The vulnerabilities go back 10 years, and have been exploited by hackers at least since January.

ADVERTISEMENT

Officials believe that more than 3,000 UK email servers are still at risk. The National Cyber Security Centre, a part of intelligence agency GCHQ, estimated that 7,000 servers in Britain had been affected by the flaw, and only half of them had been secured.

The presence of a web shell on a server does not guarantee that hackers have managed to steal files. Businesses are able to remove malicious software without any data breach taking place.

However, the agency said it was "vital" that all affected businesses took action to secure their email servers.

READ MORE: Firms warned they 'wouldn't survive' data breach as a third fail to train staff

The NCSC added that it was particularly concerned about small and medium-sized businesses that may not have heard about the issue.

"We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks," NCSC's director for operations Paul Chichester said.

"While this work is ongoing, the most important action is to install the latest Microsoft updates."

He added: "Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”

WATCH: National Security Adviser Jake Sullivan says cyber hack is 'significant'