Global surge in ransomware attacks exploiting Microsoft Exchange Server vulnerabilities: Check Point Research


There has been a shift in the path of ransomware attacks this yr because of the vulnerabilities discovered in the Microsoft Exchange Server that affected organisations worldwide. As per Check Point Research (CPR), as a substitute of creating healthcare sector their normal goal to ask for ransom throughout Covid-19 pandemic, there was a surge in the variety of ransomware attacks exploiting Microsoft Exchange Server vulnerabilities.

A 9 per cent month-to-month improve in ransomware attacks has been famous this yr amounting to a complete of fifty,000 attacks globally. India is third on the record of essentially the most affected international locations by ransomware assault makes an attempt at seven per cent following the United States (12 per cent) and Israel (eight per cent) respectively.

The report says that in the final six months there was a rise of 57 per cent in the variety of organisations affected by these attacks. These attacks contain human-operated ransomware, together with Maze and Ryuk. Using these ransomware, cybercriminals negotiate the phrases with the sufferer organisations.

Cybersecurity and Infrastructure Security Agency (CISA) just lately alerted the organisations towards the ransomware attacks exploiting Microsoft Exchange extreme vulnerabilities. The report says that the variety of these attacks tripled final week. CPR says that essentially the most affected sector by WannaCry ransomware is authorities/navy (18 per cent) adopted by manufacturing (11 per cent), finance/banking (eight per cent), healthcare (six per cent) and others.

The WannaCry ransomware has surfaced on this scale after making its debut 4 years in the past. The cause behind the resurfacing is unclear to date. However, a 53 per cent improve has been recorded in the organisations affected by it for the reason that begin of 2021. This quantity is 40 instances when in comparison with the numbers in October 2020.

CPR says that it nonetheless makes use of EternalBlue exploit to focus on organisations for which safety patches have been accessible for 4 years. The cybersecurity firm additionally factors out why there’s a must replace their techniques as quickly because the fixes can be found to save lots of themselves from getting uncovered to attacks.


Please enter your comment!
Please enter your name here