Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

Microsoft Exchange Enabled a Global Cybersecurity Event

Microsoft Exchange Enabled a Global Cybersecurity Event

Bad news—thanks to four flaws in Microsoft Exchange Server software, over 60,000 individuals and organizations have had their emails stolen by a cyberespionage unit based in China, with over 30,000 of those targeted being in the United States. Let’s review what has taken place up to the time of this writing, and what can be done about it.

The Sequence of Events So Far

On January 5th of this year, a security researcher going by the name of “Orange Tsai” working for security testing firm DEVCORE reported the discovery of a few serious issues in the Microsoft Exchange Server. Another firm, Volexity, independently reported the same issues to Microsoft on February 2nd, and a firm in Denmark called Dubex first submitted their reports on January 27th.

The reports were all related to what is now known to be the activity of a hacking group known as “Hafnium” that has targeted email systems that a variety of industries—including infectious disease research, defense contractors, institutions of higher education, law firms, think tanks, and civil societies/non-government organizations—rely on to operate. In all, it is estimated that more than hundreds of thousands of organizations across the globe that utilize Microsoft Exchange have had Hafnium breach them and leave behind a convenient way to get back in later with administrative permissions.

This is because these attacks were first directed towards higher-value targets but quickly transitioned to a more blanketed approach—attacking any server that was encountered. Exacerbating the issue, these attacks may be automated, which makes it effortless for them to be spread.

It also needs to be said that the cloud-hosted Exchange services that Microsoft offers were left unaffected, but most victims are utilizing both in their operations.

While a patch for the issue was released on March 2, it unfortunately only protects businesses that have not yet been infiltrated by these attacks. Any of those with these issues already in their systems will need to resolve them otherwise.

This Attack Has Turned into a Global Cybersecurity Crisis

With the release of this patch, hackers and their targets are now in a race to find out who will act more quickly. Hafnium will need to focus on spreading the infection as quickly as possible, while users will need to prioritize putting the patch into place before they are breached.

Unfortunately, at least 60,000 victims (likely far more by the time you’re reading this) have already lost this race.

What’s worse, these patches won’t remove the threat if they’ve already infiltrated a network. This means that businesses should still undertake a comprehensive review of their network to ensure that no sign of these attacks remains. Considering that this can be considered a zero-day attack that impacted all self-hosted Outlook Web Access instances that hadn’t been patched within a span of a few days, it is wise to investigate your own business’ network out of principle.

Direct Technology Group can help, via our managed services and the proactive maintenance that they include. Our team will be there, actively ensuring that all necessary improvements are made to your network and the solutions attached to it. Find out more about what we have to offer by calling 954-739-4700 today.

The Right IT Can Be a Solid Profit Generator
Automation Can Bring a Lot of Business Benefits, w...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, 11 April 2021

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Productivity Efficiency Cloud Google Data Hackers Network Security Microsoft Malware Software Workplace Tips User Tips Communication Business Hardware Innovation Smartphones Miscellaneous Internet Backup Email IT Support Mobile Devices Small Business Hosted Solutions Android Users Collaboration communications Computer Smartphone Mobile Device Business Management Ransomware Cybersecurity Network VoIP Social Media Windows Productivity Outsourced IT Upgrade Managed IT Services Windows 10 Passwords Browser IT Services Managed Service Holiday Tech Term Microsoft Office Save Money Remote Gadgets Quick Tips Covid-19 Cloud Computing Employer-Employee Relationship Windows 10 Automation Disaster Recovery Bandwidth Apps Business Continuity Office Data Backup Saving Money Phishing Facebook Internet of Things Managed IT Services Marketing Information Data Recovery Chrome IT Support Wi-Fi Wireless Mobile Device Management Networking Apple Server Health Gmail Password Office 365 Applications Analytics Router Alert Settings Mobility Retail Access Control Managed Service Provider Computers WiFi App Hacking Cybercrime Patch Management Business Intelligence Virtualization Government VPN Office Tips Remote Computing Data Breach Battery Compliance Data Management Remote Work Going Green Twitter Laptop Physical Security Remote Monitoring BYOD Application Blockchain Recovery Excel Law Enforcement BDR Website iPhone Operating System Printer Artificial Intelligence VoIP Lithium-ion battery End of Support Humor Spam Managed IT Service Mobile Computing Bring Your Own Device Mobile Office Human Resources Telephone Systems Biometrics Voice over Internet Protocol History Mouse Value Entertainment HIPAA Google Drive Big Data Safety Workers Net Neutrality Conferencing Paperless Office Virus Information Technology Politics Environment Word Social Engineering Maintenance Employee-Employer Relationship Files Best Practice Processor Healthcare Virtual Reality Company Culture Data storage Shortcut Tablet Data Security G Suite Printer Server Current Events Free Resource Employees Business Technology Vulnerability Managing Stress Search Hosted Solution Images 101 Medical IT Cortana Telephony Connectivity Cleaning Meetings Education DDoS Vendor Robot IT solutions Hard Drives Tech Support Batteries Social Network Customer Relationship Management Shadow IT Risk Management Customer Service Hybrid Cloud Internet Exlporer Payment Cards Telephone System Streaming Media Fax Server Sports Wireless Charging The Internet of Things Dark Web Cost Management SharePoint Windows 7 Encryption Two-factor Authentication Training Tip of the week PowerPoint Remote Monitoring and Management Content Filtering YouTube Virtual Assistant RAM Scam eWaste Data Protection Smart Technology How To Remote Workers User Error Tech Terms Troubleshooting Telecommuting Windows 8 Printing Email Management Avoiding Downtime Co-Managed IT Backup and Disaster Recovery Wireless Technology Hard Drive Automobile Customer relationships Wearable Technology Electronic Health Records Network Attached Storage Social User Security Update Millennials Paper WIndows 7 Unified Threat Management Memes Display SSD Management Chromecast People Processors Bloatware Licensing Gadget Windows Media Player Monitor Running Cable File Management Server Management Reporting Access Outlook Ink Internet exploMicrosoft Uninterrupted Power Supply IT Benchmarks Inventory Remote Working E-Commerce Spyware Entrepreneur Cables Travel Antivirus Techology Reputation Managed Services Provider Solid State Drive Machine Learning Social Networking Printers Profitability Tablets Google Maps Advertising Hosted Desktop Recycling Mobile Security Payment HP Live Streaming HaaS disposal Spotify Broadband Customer Hard Disk Drive Telecommute GDPR Sales Eliminating Downtime Voice over IP Downloads Multi-Factor Security Phone System Private Cloud Firewall e-waste PCI DSS instant Messaging Document Management WhatsApp User Personal Information Flexibility Cabling internet consultant Distributed Denial of Service Video Data loss Storage Knowledge Budget Wireless Internet eCommerce Memory Trends Botnet Public Cloud Profiles Bitcoin Legal Regulations Compliance Touchpad Vulnerabilities Digital Amazon News SaaS Comparison Copy Software as a Service Distribution OneNote Staff Error Help Desk Online Shopping A.I. Managed IT Computer Repair Innovations Cryptocurrency Edge Programming Plug-In Bluetooth Specifications Database Paste Windows XP Relocation Fleet Management Windows Server 2008 R2 Websites Touchscreen Certification Movies PDF IT Service Threats Video Games Tip of the Week/Security Proactive IT USB Tactics Multi-Factor Authentication Taskbar Dongle Microsoft Office 365 Lead Generation Analyitcs Unified Communications Mobile Scams Hiring/Firing Reviews Black Market Time Management IT budget Remote Support Hacker Internet Explorer Remote Control Webcam Notifications Holidays National Security Authentication Security Cameras Consultant Computer Accessories Project Management Staffing Alerts Gig Economy Chrome OS IT Management Analysis Worker User Tip Science Threat Spam Blocking Virtual Private Network Updates Technology Tips Authorization Insurance NarrowBand Wearables WannaCry Microsoft Teams Best Available Cameras Work/Life Balance Gifts Downtime File Sharing

Mobile? Grab this Article!

QR-Code dieser Seite