Beautiful Virgin Islands

Wednesday, Jul 08, 2026

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

The warning follows what Microsoft said was a state-sponsored espionage campaign from a group based in China.

The UK's National Cyber Security Centre, a part of GCHQ, is warning businesses to urgently update their Microsoft email servers following a state-sponsored espionage campaign.

Microsoft has warned that multiple groups are taking advantage of a global and indiscriminate hack of its clients' on-premise email servers, attributing the attack to state-sponsored group based in China, with tens of thousands of potential victims worldwide.

The NCSC has stressed the immediate need for organisations to patch their vulnerable Microsoft Exchange servers, amid warnings that the careless techniques used by the attackers could also enable criminals to piggyback into victims' networks.

Microsoft said a state-sponsored espionage group hacked it


Sky News understands there were no compromises of public sector organisations in the UK as a result of the state-sponsored attack using vulnerabilities in Microsoft Exchange.

Security officials believe there could be up to 8,000 vulnerable Microsoft servers in the country's private sector, although they estimate roughly half of these may have been patched.

Last week, government security authorities amplified Microsoft's urgent call for customers running on-premise Exchange servers to apply the patch, and the company is now warning that there are multiple groups taking advantage of unpatched systems.

Microsoft initially warned that the state-sponsored group "primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks, and NGOs".

After compromising email servers belonging to these organisations, Microsoft said the attackers created web shells - interfaces which allow them to remotely access the compromised network even after the original vulnerabilities were patched - which is provoking additional concern.

Security officials have addressed 2,300 webshells across businesses in the UK, but more could remain undetected.

The NCSC's director for operations, Paul Chichester, said: "We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.

"Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.

"Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC," he added.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Global News Brief: Escalating Conflicts, Public Health Crises, and World Cup Drama
Federal Financial Framework Shifts as Treasury Launches Universal Savings Program for Minors
French Court Allows Le Pen to Run for Presidency, but with an Electronic Tag: "I Will Appeal, and I Will Run"
$1.4 Trillion: The Lawsuit That Could Crush Meta
Europe's Growing Struggle with Extreme Heat and Air Conditioning
UK Daily Briefing: Legal Developments and Social Issues
Political Turmoil and Rising Costs
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
Deep Purple Has Released Its Best Album in Decades
Microsoft Lays Off 4,800 Employees and Xbox Suffers the Hardest Blow
Morocco and France Advance as 2026 FIFA World Cup Enters Quarterfinals.
Historic 2026 Tour de France Opens in Barcelona With Revamped Team Time Trial.
Global Mergers and Acquisitions Approach $4 Trillion Defying Geopolitical Tumult.
Negotiators Advance 20-Point Framework for Gaza Ceasefire and Demilitarization.
OECD Warns Middle East Conflict Will Depress Global Economic Growth.
Ukrainian Drones Strike Major Oil Terminal in St. Petersburg.
World Meteorological Organization Issues Urgent Alert Over Rapidly Intensifying El Niño.
United States Commemorates 250th Anniversary With Diplomatic Summits and Global Flotilla.
Iran Begins Days-Long Funeral for Supreme Leader Khamenei Amid Strait of Hormuz Standoff.
Technology giant reports surging carbon emissions driven by artificial intelligence infrastructure demands.
Artificial intelligence adoption accelerates workforce reductions across the technology and financial sectors.
Global technology and financial conglomerates collaborate to launch a new stablecoin standard.
United States regulators lift export restrictions on a major frontier artificial intelligence model.
Luxury bags take over the World Cup: style, status symbol, or just showing off?
×