Skip to main content
Canada’s most-awarded newsroom for a reason
Enjoy unlimited digital access
$1.99
per week
for 24 weeks
Canada’s most-awarded newsroom for a reason
$1.99
per week
for 24 weeks
// //

Canada’s main cybersecurity watchdog said Wednesday that it’s likely too late to prevent criminals from using a vulnerability in Microsoft Exchange e-mail servers, unless system administrators have already installed software patches that were issued in early March.

Scott Jones, head of the Canadian Centre for Cyber Security, said after issuing an updated alert to IT professionals that “the law of probability states that it’s almost certain that there are victims in Canada.”

“We just don’t know who they are yet,” Jones said in an interview. “We’re hoping that they know that they’re victims, though, which is also another point of the alert.”

Story continues below advertisement

He said he organizations that are statistically most likely to be at risk are those that have Microsoft Exchange server software on their own computers or on a smaller IT service provider, rather than through a major cloud service such as Microsoft Office 365 or Google Cloud.

Jones said organizational leaders need to ask: Have the security patches been installed? Have we checked to make sure we weren’t compromised? If there was a compromise, who needs to be told?

“Once you’ve confirmed patching and confirmed that there’s no compromise of the network, then (you) can breathe a sigh of relief and say we were lucky,” Jones said.

He said there have been public reports of widespread compromises by criminals using the security gap to install a new family of ransomware called DearCry, which Microsoft warned about in a tweet last week.

“In terms of specific Canadian organizations, we would need them to report to us – meaning give us a call in let us know that they’re victims,” Jones said.

He said it’s the responsibility of victim organizations to inform their customers, employees or any affected parties such as suppliers and insurers if there has been a security breach.

Jones said he’s not authorized to answer questions about the security of the Canadian government’s own e-mail systems but said it has “a very robust and active” patch management program in place.

Story continues below advertisement

The Canadian Centre for Cyber Security’s March 16 alert was the third since early March 2, when Microsoft published several security updates for Exchange e-mail servers.

The head of German government’s cybersecurity agency issued a similar warning to IT system administrators on Friday.

With a file from The Associated Press.

Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.

Your Globe

Build your personal news feed

  1. Follow topics and authors relevant to your reading interests.
  2. Check your Following feed daily, and never miss an article. Access your Following feed from your account menu at the top right corner of every page.

Follow topics related to this article:

View more suggestions in Following Read more about following topics and authors
Report an error
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

If you do not see your comment posted immediately, it is being reviewed by the moderation team and may appear shortly, generally within an hour.

We aim to have all comments reviewed in a timely manner.

Comments that violate our community guidelines will not be posted.

UPDATED: Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies