Advantage IT Management Blog

Microsoft Exchange Enabled a Global Cybersecurity Event

Microsoft Exchange Enabled a Global Cybersecurity Event

Bad news—thanks to four flaws in Microsoft Exchange Server software, over 60,000 individuals and organizations have had their emails stolen by a cyberespionage unit based in China, with over 30,000 of those targeted being in the United States. Let’s review what has taken place up to the time of this writing, and what can be done about it.

The Sequence of Events So Far

On January 5th of this year, a security researcher going by the name of “Orange Tsai” working for security testing firm DEVCORE reported the discovery of a few serious issues in the Microsoft Exchange Server. Another firm, Volexity, independently reported the same issues to Microsoft on February 2nd, and a firm in Denmark called Dubex first submitted their reports on January 27th.

The reports were all related to what is now known to be the activity of a hacking group known as “Hafnium” that has targeted email systems that a variety of industries—including infectious disease research, defense contractors, institutions of higher education, law firms, think tanks, and civil societies/non-government organizations—rely on to operate. In all, it is estimated that more than hundreds of thousands of organizations across the globe that utilize Microsoft Exchange have had Hafnium breach them and leave behind a convenient way to get back in later with administrative permissions.

This is because these attacks were first directed towards higher-value targets but quickly transitioned to a more blanketed approach—attacking any server that was encountered. Exacerbating the issue, these attacks may be automated, which makes it effortless for them to be spread.

It also needs to be said that the cloud-hosted Exchange services that Microsoft offers were left unaffected, but most victims are utilizing both in their operations.

While a patch for the issue was released on March 2, it unfortunately only protects businesses that have not yet been infiltrated by these attacks. Any of those with these issues already in their systems will need to resolve them otherwise.

This Attack Has Turned into a Global Cybersecurity Crisis

With the release of this patch, hackers and their targets are now in a race to find out who will act more quickly. Hafnium will need to focus on spreading the infection as quickly as possible, while users will need to prioritize putting the patch into place before they are breached.

Unfortunately, at least 60,000 victims (likely far more by the time you’re reading this) have already lost this race.

What’s worse, these patches won’t remove the threat if they’ve already infiltrated a network. This means that businesses should still undertake a comprehensive review of their network to ensure that no sign of these attacks remains. Considering that this can be considered a zero-day attack that impacted all self-hosted Outlook Web Access instances that hadn’t been patched within a span of a few days, it is wise to investigate your own business’ network out of principle.

Advantage IT Management can help, via our managed services and the proactive maintenance that they include. Our team will be there, actively ensuring that all necessary improvements are made to your network and the solutions attached to it. Find out more about what we have to offer by calling 251-662-9770 today.

The Right IT Can Be a Solid Profit Generator
Automation Can Bring a Lot of Business Benefits, w...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, April 10 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.advantageitm.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

RyanMcCawley Is it Wrong to Purchase Access to Your Own Data?
11 November 2020
As we know there are so many colleges and universities. From http://www.carwrapsanantonio.net/ stude...
WilliamMMartin What You Need to Know to Manage a Remote Workforce
29 April 2020
Managing a remote workforce is tough, but now a day it is the requirement and we all need to take ca...
Malcolm Quinn Gmail and the G Suite Get Overhauled with A.I.
13 April 2020
Some of the sites on the link can be overhauled and users can get different advantages. On the other...
Avye Goodwin ALERT: Change Your Twitter Password, Says Twitter
25 March 2020
When you create your Twitter account you have to make your password secure and healthy so that you c...
Jerry Bradford The Advantages and Disadvantages of Getting a Smart Lock for Your Business
17 March 2020
There are many advantages and disadvantages to getting some smart lock that was for the local busine...