3 Takeaways from the Microsoft Exchange Hack

In early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program. What can we learn from this?

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

3 Takeaways from the Microsoft Exchange Hack

As you may already know, in early March, hundreds of thousands of Microsoft Exchange Server systems were jeopardized and seeded with a powerful backdoor Trojan horse program¹.

If you are still unsure whether you are vulnerable to this attack or if your system may be infected — stop reading and contact us. We can provide guidance on how to secure yourself from this attack and future ones. If your Exchange server is unpatched, you’re not only vulnerable to the original hack, but also to other groups who are trying to take advantage of this known vulnerability by setting out to implant ransomware and other malware that could impact your business.

If you were a victim of this hack, but it is now behind you, take a deep breath and let’s talk through a few key takeaways:

  1. Most modern firewalls that were configured properly, have an IPS protection for this type of vulnerability, and within hours would have protected your IPS. If your firewall did not do this, it’s time for some tuning or perhaps something new.

  2. If you heard about the hack through the news media, your security company is not providing you with the reporting and transparency that it should. Think about this…What if there was an attack on a lesser-known software; you may not have heard about it at all. You should not have to rely on the media to have clear insight into your own security.

  3. CISA (Cybersecurity & Infrastructure Security Agency) provides security teams with a constant feed of threat information in order to stay on top of these types of attacks and have proper precautions in place. If your security company wasn’t prepared, it’s time to take a closer look.

If the Microsoft Exchange Hack made it through your security, it’s time for a new plan.

Let’s start with a conversation and see how we can help. 

¹ https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/

DIY Security: Know When to Call in Experts

Deciding between keeping IT security tasks in-house or relying on a partner with specialized expertise, can be compared to managing home improvement projects. There are many things you can try to repair using the Do-It-Yourself approach. If everything goes just right, you might save yourself some money, and hopefully, you’ve got time left over to relax. But what if everything goes wrong?

Read More »

Why Network Security?

Take a moment and think about your company’s network as your home. In our houses, we go to great length to secure ourselves—doorknob locks, deadbolts, smart locks. Now look at your corporate network, how do you feel about the front door of your network? Does it give you the same sense of security that the front door of your home does? This is why we need network security.

Read More »

Why Scientists Should Care About Security

Once ransomware is resident on a system, it can be a simple money collection exercise or a means to an end to capture intellectual property. Lost intellectual property may allow an organization in another country to leap forward and deliver your discoveries.

Read More »