7 Mar 2021

Microsoft email users in NZ told to act quickly after mass hack

8:43 pm on 7 March 2021

New Zealanders are being warned to be concerned and act swiftly after a massive email hack that's being blamed on China.

Teenage Hacker Girl Attacks Corporate Servers in Dark, Typing on Red Lit Laptop Keyboard. Room is Dark

Photo: 123RF

Microsoft said its email Exchange software has been infiltrated in a state-sponsored attack which the White House is now calling an "active threat".

There are fears hundreds of thousands of public and private sector organisations worldwide have been compromised, allowing hackers to download emails.

AUT computer science professor Dave Parry said the hackers could steal valuable intellectual property or use information to blackmail people.

"It is extremely concerning, the ones that have been attacked really have been completely open, so the attackers could have taken whatever emails they like from these Exchange servers - and looked at calendar appointments, all sorts of other things."

Professor Parry said people should download a fix immediately - although this will only work if servers were not already compromised.

He said people should also run a security check to find and delete any malicious software installed.

Professor Parry said it appeared only those who run their own Exchange servers were being affected, rather than those using cloud-based Microsoft email.

He said central government likely has good hacking protection so possibly will not have been compromised, but local councils, DHBs and medium scale businesses could all have been affected.

Professor Parry said the hack was another reminder if how insecure email could be.

Andrew Cushen from InternetNZ said it was a large, widespread attack on tools that are commonly in New Zealand and around the world.

"But that it's been discovered gives us an opportunity to act and to manage the challenges that this presents. So if you are worried now's the time to act."

He said people should contact their IT specialists or go to the website of CertNZ, New Zealand's cyber security agency, for more information.

Michael Shearer, CertNZ's principal advisor for threats and vulnerabilities, said he wouldn't comment on which New Zealand firms have been affected, saying that information was confidential.

The minister responsible for the GCSB, Andrew Little, said the National Cyber Security Centre has been working with its customers to pass on mitigation advice developed by Microsoft.

He said it's a reminder to have automatic updates turned on - something home users generally do.

"The public service is aware of and appropriately managing the risks to its own networks," Little said.

Get the RNZ app

for ad-free news and current affairs