3 Takeaways from the Microsoft Exchange Hack

In early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program. What can we learn from this?

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

3 Takeaways from the Microsoft Exchange Hack

As you may already know, in early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program¹.

If you are still unsure whether you are vulnerable to this attack or if your system may be infected — stop reading and contact us. We can provide guidance on how to secure yourself from this attack and future ones. If your Exchange server is unpatched, you’re not only vulnerable to the original hack, but also to other groups who are trying to take advantage of this known vulnerability by setting out to implant ransomware and other malware that could impact your business.

If you were a victim of this hack, but it is now behind you, take a deep breath and let’s talk through a few key takeaways:

  1. Most modern firewalls that were configured properly, have an IPS protection for this type of vulnerability, and within hours would have protected your IPS. If your firewall did not do this, it’s time for some tuning or perhaps something new.

  2. If you heard about the hack through the news media, your security company is not providing you with the reporting and transparency that it should. Think about this…What if there was an attack on a lesser-known software; you may not have heard about it at all. You should not have to rely on the media to have clear insight into your own security.

  3. CISA (Cybersecurity & Infrastructure Security Agency) provides security teams with a constant feed of threat information in order to stay on top of these types of attacks and have proper precautions in place. If your security company wasn’t prepared, it’s time to take a closer look.

If the Microsoft Exchange Hack made it through your security, it’s time for a new plan.

Let’s start with a conversation and see how we can help. 

¹ https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/

Why Scientists Should Care About Security

Once ransomware is resident on a system, it can be a simple money collection exercise or a means to an end to capture intellectual property. Lost intellectual property may allow an organization in another country to leap forward and deliver your discoveries.

Read More »

How secure is your data in the cloud?

Did you know that securing your data in cloud environments, such as AWS, Azure and Google, is your responsibility? These public cloud providers keep your data safe from anything outside of their environment but there is nothing protecting you from within their environment.

Read More »