| 20.1°C Dublin

Microsoft email hack hit 98 Irish organisations

One Irish IT security firm says that it has seen a list of 98 organisations “compromised” by the ongoing global Microsoft email attack.


Microsoft has urged businesses to install emergency software patches

Microsoft has urged businesses to install emergency software patches

Microsoft has urged businesses to install emergency software patches

At least 98 Irish companies and organisations have been “compromised” by the global Microsoft email system hack, security experts say.

The hack is now known to have affected tens of thousands of organisations worldwide, including the European Banking Authority.

The cyber security and data protection firm BH Consulting says that it is “aware of 98 businesses in Ireland that look to have been compromised using the vulnerability”.

The company’s CEO, Brian Honan, said that his firm has seen a list of 98 Irish organisations which have been infected with a “web shell”, which allows hackers to gain remote access to the victim organisation over the web.

“The concern is that the attackers could use these web shells to further compromise the companies and install ransomware on their network,” said Mr Honan.

“Whether or not the attackers have gone further is as yet unknown and through [the Irish Reporting and Information Security Service] IrissCert we will be trying to contact the victims to alert them to check their systems.”

Some industry data compilations estimate that 30pc of Irish servers may be vulnerable to the IT security exploit, which is caused by gaps in the technology that lets Microsoft customers get access to their work email over the internet,

Microsoft Ireland, which oversees the company’s European business, declined to comment specifically on the Irish organisations affected but urged companies to make sure they implement its emergency software patches.

“We are working closely with the [US agency] CISA, other government agencies and security companies to ensure we are providing the best possible guidance and mitigation for our customers,” said a company spokesperson. “The best protection is to apply updates as soon as possible across all impacted systems. Impacted customers should contact our support teams for additional help and resources."

The company declined to say whether it has informed the Irish Data Protection Commissioner about its email vulnerabilities.

7 Things: Adrian Weckler on Tech

Tech’s stars and turkeys rounded up and served to you every Friday by Ireland’s No. 1 technology writer.

This field is required

However, it said that companies using entirely cloud-based email systems were unaffected.

“It’s had a huge reach and there have been organisations in Ireland, both in the private and the public sector, that have been impacted,” said Conor Flynn, chief executive of Isas, a Dublin-based IT security firm. “It has been quite significant.”

A spokesperson for the Data Protection Commissioner declined to say whether Microsoft had informed it of the breach.

According to the IT security expert Brian Krebs, the hackers left an easy-to-use password-protected hacking tool called a “web shell” in infiltrated organisations, allowing them to return at a later date to get administrative access to the victim’s computer servers.

Microsoft and US authorities have blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.

What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. More attacks are expected from other hackers as the code used to take control of the mail servers spreads.

All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers.

On Monday, the European Banking Authority said it had been targeted by hackers, although no data had been obtained and it was redoubling efforts to shield itself.

The European Union’s banking regulator, which gathers and stores swathes of sensitive data about banks and their lending, said it believed the cyber attack had struck only its email servers.

Related topics

Most Watched