23 Mar Understanding the Microsoft Exchange Hack: How You Can Prevent a “Bad Day”
Understanding the Microsoft Exchange Hack:
How You Can Prevent a “Bad Day”
23 March 2021· 4 min read
Last week, Microsoft announced that its Microsoft Exchange server has been victim of a series of major hacks. While the company has been able to roll out a patch that should prevent hackers from further exploiting weak points in the server, this patch cannot undo what has already been done.
Early estimates are that over 30,000 private entities like businesses, schools, hospitals, etc. have been hit by this breach in the U.S. alone. That number is most likely in the hundreds of thousands worldwide.
Here’s what you need to know about the breach and what you can do to protect your organization from a similar incident.
Who is Behind the Hack?
Microsoft pinpointed the Chinese group Hafnium as the party responsible for the initial breach. They were able to infiltrate through a vulnerable section of code that Microsoft had identified as a potential problem area back in January.
After Microsoft introduced a patch to prevent further breaches, separate unaffiliated groups jumped on the bandwagon and continued attacking servers that had not yet been patched.
Nation-state attacks have been on the rise in recent years, but still represent just 13% of cyber-attacks. The rest of the incidents stem from individuals sneaking Malware into a company through email and stealing cloud passwords and credentials.
How Bad is the Hack?
Without trying to fan the flames, this attack was pretty severe. It has been compared in size to the Solarwinds hack perpetrated by Russia earlier this year and some cybersecurity experts are calling it the worst hack they’ve seen in over a decade.
Microsoft was able to patch the vulnerable code within the recommended 100 days after discovering it, which is encouraging. But, there are still around 82,000 servers that remain unprotected, which has allowed more cybercriminals to worm their way in.
While nation-state attackers are generally more interested in stealing government and corporate data, these unaffiliated hackers stand as a risk to private businesses, universities, law firms, and hospitals. Some of these types institutions have already been hit, such as the European Banking Authority.
Although the situation seems pretty bleak, it isn’t all doom and gloom.
United States President, Joe Biden has created a task force to pinpoint more at-risk servers and deal with the new strain of ransomware originating from the attack.
But what can you do in the meantime?
What Steps Can I Take to Protect Myself and My Business?
With any cyber-attack, planning is half the battle. Given that there is an attempted hack in the U.S. every 39 seconds, it’s not a question of “if” but “when.” As you’ll learn in our upcoming two-part series on cybersecurity, organizations that deploy proper data governance tend to save tens of millions of dollars when faced with these attacks.
Our CEO and Co-Founder, Keith Lipman coined the term “the bad day” as a way of looking at breaches when they finally occur. Just like in life, everyone has a bad day at some point. The same can be true of cybersecurity. With the right amount of planning and investment into the proper technology platforms, you can mitigate the danger.
While Microsoft and other cloud-based services have their own security systems in place, this recent Exchange breach shows that internal governance is a must.
This starts with assigning rich metadata to all of your projects, engagements, matters – whatever you may call them. This metadata allows you to gain critical context, allowing your users to quickly locate content and your risk management team to apply security and minimization. You can also create a separate archive of content, so you can still access it in the event of a hack.
The right technology platform should allow for provisioning of projects or engagements, automatically or on demand. Together with metadata, this can help you control chaos by providing a logical place for users to store data, and reduce risks related to privacy & cybersecurity.
Because as we all know, two of the biggest issues in cybersecurity are human error and disorganization. Automatic provisioning eliminates data chaos and keeps your organization’s data out of personal drives which are often susceptible to breaches.
How Prosperoware Helps
Our software, Prosperoware CAM empowers organizations to safely collaborate without chaos across collaboration platforms by providing effective adoption and governance.
CAM, integrates with multiple collaboration systems, including Microsoft 365 (Microsoft Teams, SharePoint Online, OneDrive, OneNote, Planner), file shares, iManage, NetDocuments, HighQ, and more to come.
Here’s what CAM can do for you:
- Automatic provisioning of workspaces, Teams, Channels, and folders from Project Portfolio Management, CRM etc., or through human workflow using templates
- Rich, custom metadata for project or document context
- Unified project directory for content location for end users and risk management teams
- Automatically provision internal & external users, manage permissions, and integrate with ethical wall systems
- Data Loss Prevention including activity monitoring and bulk security & metadata changes
- Minimize data by setting data disposition policies or apply litigation hold
To learn more, join us for our Data Protection webinar on April 8. And keep an eye out for our upcoming series on the present and future of cybersecurity here at our Knowledge Center.