At least 17,000 Microsoft Exchange servers in Germany are currently highly vulnerable to cyberattacks, representing about 37% of all servers. This alarming situation has prompted a warning from Germany’s Federal Security Office for Information Security (BSI), which highlighted the potential for “massive impairment of regular operations” in the country’s IT sector. The BSI emphasized the critical nature of the situation, noting that many German companies and organizations rely heavily on Microsoft Exchange for communication.
The security agency did not attribute blame to Microsoft but instead pointed to system administrators who have failed to implement necessary security measures. While the current vulnerability level is not as severe as in 2021 when almost half of Exchange servers in Germany were hijacked, more than a third of accessible systems remain highly vulnerable, with over half considered vulnerable.
Heise reported that only 15% of servers in Germany are running the latest Exchange version, leaving many systems exposed due to the use of outdated versions that are no longer supported by Microsoft. This situation has put various sectors at risk, including schools, universities, clinics, doctors’ surgeries, nursing services, legal and tax consulting firms, local authorities, and medium-sized companies.
The BSI has urged organizations to take immediate action, such as removing discontinued Exchange versions, installing all patches and updates, and activating Extended Protection. Failure to address these vulnerabilities could lead to cyberattacks, including data encryption followed by blackmail and ransom demands.
A Cybernews investigation from the previous year revealed that Germany accounts for the majority of vulnerable Exchange servers worldwide, with malicious actors from Russia and China having actively exploited these vulnerabilities in the past. It is crucial for organizations to prioritize cybersecurity measures to protect their systems and sensitive data from potential threats.
