German IT safety chief: act on Exchange hack or go offline

BERLIN — The head of Germany’s cybersecurity agency warned IT system administrators today to swiftly patch known holes in Microsoft Exchange servers or take those systems offline amid concerns of an imminent wave of ransomware attacks.

Arne Schoenbohm said the Federal Cyber Security Authority, or BSI, was particularly concerned that small- and medium-sized companies could be targeted.

“It is to be expected that cybercriminals will soon carry out an automated attack, meaning organizations worldwide will face a big wave,” he said on Twitter. “Please patch immediately. In (Germany) there are still 20,000 known open systems.”

Schoenbohm said that some 5,000 servers which have already been patched contain backdoors that might allow attackers entry into the systems

“If you can’t act immediately, go offline,” he said. “Don’t work from home at the weekend.”