3 Takeaways from the Microsoft Exchange Hack
As you may already know, in early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program¹.
If you are still unsure whether you are vulnerable to this attack or if your system may be infected — stop reading and contact us. We can provide guidance on how to secure yourself from this attack and future ones. If your Exchange server is unpatched, you’re not only vulnerable to the original hack, but also to other groups who are trying to take advantage of this known vulnerability by setting out to implant ransomware and other malware that could impact your business.
If you were a victim of this hack, but it is now behind you, take a deep breath and let’s talk through a few key takeaways:
- Most modern firewalls that were configured properly, have an IPS protection for this type of vulnerability, and within hours would have protected your IPS. If your firewall did not do this, it’s time for some tuning or perhaps something new.
- If you heard about the hack through the news media, your security company is not providing you with the reporting and transparency that it should. Think about this…What if there was an attack on a lesser-known software; you may not have heard about it at all. You should not have to rely on the media to have clear insight into your own security.
- CISA (Cybersecurity & Infrastructure Security Agency) provides security teams with a constant feed of threat information in order to stay on top of these types of attacks and have proper precautions in place. If your security company wasn’t prepared, it’s time to take a closer look.
If the Microsoft Exchange Hack made it through your security, it’s time for a new plan.
Let’s start with a conversation and see how we can help.