London Daily

Focus on the big picture.
Thursday, Jul 10, 2025

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

The warning follows what Microsoft said was a state-sponsored espionage campaign from a group based in China.

The UK's National Cyber Security Centre, a part of GCHQ, is warning businesses to urgently update their Microsoft email servers following a state-sponsored espionage campaign.

Microsoft has warned that multiple groups are taking advantage of a global and indiscriminate hack of its clients' on-premise email servers, attributing the attack to state-sponsored group based in China, with tens of thousands of potential victims worldwide.

The NCSC has stressed the immediate need for organisations to patch their vulnerable Microsoft Exchange servers, amid warnings that the careless techniques used by the attackers could also enable criminals to piggyback into victims' networks.

Microsoft said a state-sponsored espionage group hacked it


Sky News understands there were no compromises of public sector organisations in the UK as a result of the state-sponsored attack using vulnerabilities in Microsoft Exchange.

Security officials believe there could be up to 8,000 vulnerable Microsoft servers in the country's private sector, although they estimate roughly half of these may have been patched.

Last week, government security authorities amplified Microsoft's urgent call for customers running on-premise Exchange servers to apply the patch, and the company is now warning that there are multiple groups taking advantage of unpatched systems.

Microsoft initially warned that the state-sponsored group "primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs".

After compromising email servers belonging to these organisations, Microsoft said the attackers created web shells - interfaces which allow them to remotely access the compromised network even after the original vulnerabilities were patched - which is provoking additional concern.

Security officials have addressed 2,300 webshells across businesses in the UK, but more could remain undetected.

The NCSC's director for operations, Paul Chichester, said: "We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.

"Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.

"Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC," he added.

Newsletter

Related Articles

0:00
0:00
Close
Severe Heatwave Claims 2,300 Lives Across Europe
NVIDIA Achieves Historic Milestone as First Company Valued at $4 Trillion
Declining Beer Consumption Signals Cultural Shift in Germany
Linda Yaccarino Steps Down as CEO of X After Two Years
US Imposes New Tariffs on Brazilian Exports Amid Political Tensions
Azerbaijan and Armenia are on the brink of a historic peace deal.
Emails Leaked: How Passenger Luggage Became a Side Income for Airport Workers
Polish MEP: “Dear Leftists - China is laughing at you, Russia is laughing, India is laughing”
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Weinstein Victim’s Lawyer Says MeToo Movement Still Strong
U.S. Enacts Sweeping Tax and Spending Legislation Amid Trade Policy Shifts
Football Mourns as Diogo Jota and Brother André Silva Laid to Rest in Portugal
Labour Expected to Withdraw Support for Special Needs Funding Model
Leaked Audio Reveals Tory Aide Defending DEI Record
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
London Stock Exchange Faces Historic Low in Initial Public Offerings
A new online platform has emerged in the United Kingdom, specifically targeting Muslim men seeking virgin brides
Trump Celebrates Independence Day with B-2 Flyover and Signs Controversial Legislation
Boris Johnson Urges Conservatives to Ignore Farage
SNP Ordered to Update Single-Sex Space Guidance Within Days
Starmer Set to Reject Calls for Wealth Taxes
Stolen Century-Old Rolls-Royce Recovered After Hotel Theft
Macron Presses Starmer to Recognise Palestinian State
Labour Delayed Palestine Action Ban Over Riot Concerns
Swinney’s Tax Comments ‘Offensive to Scots’, Say Tories
High Street Retailers to Enforce Bans on Serial Shoplifters
Music Banned by Henry VIII to Be Performed After 500 Years
Steve Coogan Says Working Class Is Being ‘Ethnically Cleansed’
Home Office Admits Uncertainty Over Visa Overstayer Numbers
JD Vance Questions Mandelson Over Reform Party’s Rising Popularity
Macron to Receive Windsor Carriage Ride in Royal Gesture
Labour Accused of ‘Hammering’ Scots During First Year in Power
BBC Head of Music Stood Down Amid Bob Vylan Controversy
Corbyn Eyes Hard-Left Challenge to Starmer’s Leadership
London Tube Trains Suspended After Major Fire Erupts Nearby
Richard Kemp: I Felt Safer in Israel Under Attack Than in the UK
Cyclist Says Police Cited Human Rights Act for Riding No-Handed
China’s Central Bank Consults European Peers on Low-Rate Strategies
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Musk Battles to Protect Tesla Amid Trump Policy Threats
Air France-KLM Acquires Majority Stake in Scandinavian Airlines
UK Educators Sound Alarm on Declining Child Literacy
Shein Fined €40 Million in France Over Misleading Discounts
Brazil’s Lula Visits Kirchner During Argentina House Arrest
Trump Scores Legislative Win as House Passes Tax Reform Bill
Keir Starmer Faces Criticism After Rocky First Year in Power
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
×