ALERT: Microsoft exchange server targeted in cyber attacks, NITDA warns

March 16

20:56 2021

Print This Article

The National Information Technology Development Agency (NITDA) has advised users of the Microsoft exchange server to update the software to prevent cyber attacks.

In a statement published on the NITDA’s official Twitter account on Tuesday, the agency urged Nigerians to ensure that the system software is updated, as it has now become a target for cybercriminals..

The Microsoft exchange server is a software that manages and stores emails. If a server is compromised, access could be granted to an outside source and all emails, email addresses and passwords could be accessed.

On March 3, Microsoft had issued a statement noting that exchange servers had witnessed a number of “limited attacks”, and customers were advised to update their servers immediately.

“Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks,” the statement reads.

“In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.

“We strongly urge customers to update on-premises systems immediately.”

According to the NITDA, over 86,000 IP addresses have been affected globally.

The agency, therefore, urged Nigerians to update their servers to avoid similar cyber attacks.

“The National Information Technology Development Agency hereby calls on the public to update their Microsoft exchange servers to avoid being compromised,” the statement reads.

“This vulnerability affecting Microsoft exchange servers 2013, 2016, or 2019 has potential to harvest all emails, email addresses, passwords and compromised servers.

“Compromised servers grants remote access to an undisclosed outside source, thereby rendering the whole network vulnerable. There are about 86,000 IP addresses of affected exchange servers globally.”

The agency also gave a breakdown on what customers are expected to do as follows: Update all on premise systems immediately; patch all infected systems, and contact NITDA immediately for support in case of cyber threats.