17,000+ Microsoft Exchange servers in Germany 'highly vulnerable'


At least 17,000, or 37%, of all Microsoft Exchange servers in Germany are highly vulnerable to cyberattacks, authorities have warned.

Germany’s Federal Security Office for Information Security (BSI) has warned of “massive impairment of regular operations” in the country’s IT sector, where it said the situation is “business-critical.”

The warning was issued due to the “disastrous” security situation regarding the use of Microsoft Exchange, the most important tool of communication for many German companies and organizations, the news outlet Heise reported.

ADVERTISEMENT

The BSI did not lay blame on Microsoft for the situation but rather system administrators who it said failed to implement known and “urgently required” security precautions

The situation is not as dire as in 2021, when almost half of Exchange servers in Germany were hijacked and equipped with backdoors, according to Heise. However, more than a third of all accessible systems are still “highly vulnerable” and more than half are “vulnerable”.

According to Heise, only a “meager” 15% of servers in Germany are running the latest Exchange version, while many still use outdated versions that Microsoft no longer supports.

"Many schools and universities, clinics, doctors' surgeries, nursing services and other medical facilities, lawyers and tax consultants, local authorities and medium-sized companies are particularly affected," the BSI said.

All those are vulnerable to cyberattacks, including “the encryption of data with subsequent blackmail and ransom demands,” the agency warned.

It called on organizations to take urgent measures, including removing discontinued Exchange versions, installing all patches and cumulative update packages, and activating Extended Protection.

A Cybernews investigation last year revealed that Germany accounts for most of the 85,000+ vulnerable Exchange servers worldwide. Russia- and China-linked malicious actors were found to have actively exploited these vulnerabilities in the past.

ADVERTISEMENT