Jersey Cyber Security Centre Alerts Businesses to Rising “ToolShell” Attack Threat

Island Firms Warned Over Cyber Threat Exploiting Microsoft Flaw

Businesses in Jersey are being urged to ditch outdated systems after a newly exploited Microsoft software flaw – dubbed “ToolShell” – was found targeting companies worldwide.

According to the Jersey Cyber Security Centre (JCSC), the vulnerability has been used in attacks mainly in the US (31%), Mauritius (8%), Germany (7%) and France (5%). It affects self-hosted Microsoft SharePoint setups by combining two security weaknesses to give attackers unauthorised access, potentially leading to stolen data, damaged systems, and ransomware demands.

The JCSC contacted five local organisations identified as “highly vulnerable”. Some had to shut down critical systems while applying fixes. JCSC director Matt Palmer said the issue stemmed from outdated software, adding: “Microsoft issued a patch, but older, unsupported systems can’t get it.”

The centre advises businesses to install security updates within 14 days of release and to isolate any unpatchable systems. Palmer urged all organisations to seek confidential guidance: “Cyber criminals are always adapting. We want Islanders to have the best possible chance of staying secure.”