London Daily

Focus on the big picture.
Monday, Sep 15, 2025

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

The warning follows what Microsoft said was a state-sponsored espionage campaign from a group based in China.

The UK's National Cyber Security Centre, a part of GCHQ, is warning businesses to urgently update their Microsoft email servers following a state-sponsored espionage campaign.

Microsoft has warned that multiple groups are taking advantage of a global and indiscriminate hack of its clients' on-premise email servers, attributing the attack to state-sponsored group based in China, with tens of thousands of potential victims worldwide.

The NCSC has stressed the immediate need for organisations to patch their vulnerable Microsoft Exchange servers, amid warnings that the careless techniques used by the attackers could also enable criminals to piggyback into victims' networks.

Microsoft said a state-sponsored espionage group hacked it


Sky News understands there were no compromises of public sector organisations in the UK as a result of the state-sponsored attack using vulnerabilities in Microsoft Exchange.

Security officials believe there could be up to 8,000 vulnerable Microsoft servers in the country's private sector, although they estimate roughly half of these may have been patched.

Last week, government security authorities amplified Microsoft's urgent call for customers running on-premise Exchange servers to apply the patch, and the company is now warning that there are multiple groups taking advantage of unpatched systems.

Microsoft initially warned that the state-sponsored group "primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs".

After compromising email servers belonging to these organisations, Microsoft said the attackers created web shells - interfaces which allow them to remotely access the compromised network even after the original vulnerabilities were patched - which is provoking additional concern.

Security officials have addressed 2,300 webshells across businesses in the UK, but more could remain undetected.

The NCSC's director for operations, Paul Chichester, said: "We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.

"Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.

"Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC," he added.

Newsletter

Related Articles

0:00
0:00
Close
London Daily Podcast: London Massive Pro Democracy Rally, Musk Support, UK Economic Data and Premier League Results Mark Eventful Weekend
This Week in AI: Meta’s Superintelligence Push, xAI’s Ten Billion-Dollar Raise, Genesis AI’s Robotics Ambitions, Microsoft Restructuring, Amazon’s Million-Robot Milestone, and Google’s AlphaGenome Update
Le Pen Tightens the Pressure on Macron as France Edges Toward Political Breakdown
Musk calls for new UK government at huge pro-democracy rally in London, but Britons have been brainwashed to obey instead of fighting for their human rights
Elon Musk responds to post calling for the murder of Erika Kirk, widow of Charlie Kirk: 'Either we fight back or they will kill us'
Czech Republic signs €1.34 billion contract for Leopard 2A8 main battle tanks with delivery from 2028
USA: Office Depot Employees Refused to Print Poster in Memory of Charlie Kirk – and Were Fired
Proposed U.S. Bill Would Allow Civil Suits Against Judges Who Release Repeat Violent Offenders
Penske Media Sues Google Over “AI Overviews,” Claiming It Uses Journalism Without Consent and Destroys Traffic
Indian Student Engineers Propose “Project REBIRTH” to Protect Aircraft from Crashes Using AI, Airbags and Smart Materials
French Debt Downgrade Piles Pressure on Macron’s New Prime Minister
US and UK Near Tech, Nuclear and Whisky Deals Ahead of Trump Trip
One in Three Europeans Now Uses TikTok, According to the Chinese Tech Giant
Could AI Nursing Robots Help Healthcare Staffing Shortages?
NATO Deploys ‘Eastern Sentry’ After Russian Drones Violate Polish Airspace
Anesthesiologist Left Operation Mid-Surgery to Have Sex with Nurse
Tens of Thousands of Young Chinese Get Up Every Morning and Go to Work Where They Do Nothing
The New Life of Novak Djokovic
The German Owner of Politico Mathias Döpfner Eyes Further U.S. Media Expansion After Axel Springer Restructuring
Suspect Arrested: Utah Man in Custody for Charlie Kirk’s Fatal Shooting
In a politically motivated trial: Bolsonaro Sentenced to 27 Years for Plotting Coup After 2022 Defeat
German police raid AfD lawmaker’s offices in inquiry over Chinese payments
Turkish authorities seize leading broadcaster amid fraud and tax investigation
Volkswagen launches aggressive strategy to fend off Chinese challenge in Europe’s EV market
ChatGPT CEO signals policy to alert authorities over suicidal youth after teen’s death
The British legal mafia hit back: Banksy mural of judge beating protester is scrubbed from London court
Surpassing Musk: Larry Ellison becomes the richest man in the world
Embarrassment for Starmer: He fired the ambassador photographed on Epstein’s 'pedophile island'
Manhunt after 'skilled sniper' shot Charlie Kirk. Footage: Suspect running on rooftop during panic
Effective Protest Results: Nepal’s Prime Minister Resigns as Youth-Led Unrest Shakes the Nation
Qatari prime minister says Netanyahu ‘killed any hope’ for Israeli hostages
King Charles and Prince Harry Share First In-Person Moment in 19 Months
Starmer Establishes Economic ‘Budget Board’ to Centralise Policy and Rebuild Business Trust
France Erupts in Mass ‘Block Everything’ Protests on New PM’s First Day
Poland Shoots Down Russian Drones in Airspace Violation During Ukraine Attack
Brazilian police say ex-President Bolsonaro had planned to flee to Argentina seeking asylum
Trinidad Leader Applauds U.S. Naval Strike and Advocates Forceful Action Against Traffickers
Kim Jong Un Oversees Final Test of New High-Thrust Solid-Fuel Rocket Engine
Apple Introduces Ultra-Thin iPhone Air, Enhanced 17 Series and New Health-Focused Wearables
Macron Appoints Sébastien Lecornu as Prime Minister Amid Budget Crisis and Political Turmoil
Supreme Court temporarily allows Trump to pause billions in foreign aid
Charlie Sheen says his father, Martin Sheen, turned him in to the police: 'The greatest betrayal possible'
Vatican hosts first Catholic LGBTQ pilgrimage
Apple Unveils iPhone 17 Series, iPhone Air, Apple Watch 11 and More at 'Awe Dropping' Event
Pig Heads Left Outside Multiple Paris Mosques in Outrage-Inducing Acts
Nvidia’s ‘Wow’ Factor Is Fading. The AI chip giant used to beat Wall Street expectations for earnings by a substantial margin. That trajectory is coming down to earth.
France joins Eurozone’s ‘periphery’ as turmoil deepens, say investors
On the Anniversary of Queen Elizabeth’s Death: Prince Harry Returns to Britain
France Faces New Political Crisis, again, as Prime Minister Bayrou Pushed Out
Murdoch Family Finalises $3.3 Billion Succession Pact, Ensuring Eldest Son’s Leadership
×