Large-scale Microsoft Exchange Hack

Large-scale Microsoft Exchange Hack

 In Integer IT News, IT Tips, Security
1

Here we are again, reporting on another security breach involving a major international company. In this case, Microsoft have advised that their Exchange email platform has been compromised.

Late last week Microsoft accused Hafnium as the state-sponsored group from China behind the exploitation of user email accounts from customers who are operating Microsoft Exchange Server versions 2016 & 2019.

This vulnerability has been confirmed to exist within the latest version of Exchange 2016 on a fully patched Windows Server 2016 server. Microsoft also confirmed the vulnerability exists in Exchange 2019 but has not tested against a fully patched version, although it believes they are vulnerable.

It should also be noted that at the time of writing, this vulnerability does not appear to impact Office 365.

Integer IT has quickly patched the servers of our managed service clients who operate the particular versions of Microsoft Exchange identified as being vulnerable to the exploit. Additionally, we have checked mailboxes for suspicious activity (e.g. the creation of email forwarding rules).

We take the security of our clients’ systems very seriously, and we encourage best practice on how to secure environments and data.

Integer utilises a multi-faceted approach to protect our own IT environment, including:

  • Remote/pre-delivery email filtering services
  • Managed hardware firewalls with subscription updates
  • Endpoint security on both servers and desktops
  • Regular security patching of systems
  • Back up of Microsoft 365 emails
  • Multi-factor authentication (MFA) on critical applications
  • Offsite data back up

This type of cyber-attack is, unfortunately, the new norm, allowing malicious actors access to email accounts and any data and attachments that reside within them. Email mailboxes are not the place to hold or save data, and we encourage saving important documents in a centralised area (e.g. on a secure server).

If you feel you aren’t fully protected and would like to discuss how we may assist please do not hesitate to contact us.

Recent Posts
Contact Us

Send us a message and we'll get back to you as soon as possible.

Start typing and press Enter to search

Integer IT 2020 RecapInteger IT News, NBN
Telephony RedefinedInteger IT News, Unified communications