Microsoft Exchange has announced a large breach of over 30,000 organizations. Behind the attach is a suspected state-sponsored Chinese hacker group. Following the initial annoncement, indications are that the scope of the attack was far more wider-ranging than previously thought. It could be, according to TechRadar, that tens of thousands of businesses have been affected.
Looking to the issue for Digital Journal is Ric Longenecker, who joined Open Systems as chief information security officer in 2020. Longenecker describes the scope of the breach: “The latest cybersecurity breach, and possible compromise of over 30,000 organizations through on-premise Microsoft Exchange servers, is a very serious matter.”
He moves on to his own experience: “While fortunately, Open Systems was unaffected to this attack due to the use of cloud-based Microsoft Service, we were made aware of the breach before the announcement and we took swift action across our customer base, and continue to check for Indicators of Compromise.”
Longenecker also places the incident in context of other issues: “This news and continuing trends following Solarwinds and so on in 2021 reiterates the importance of MDR, no matter the size of your organization. Threats evolve at such a fast pace that most business owners are unable to keep up. With continual monitoring through MDR in place, and a trusted partner in security, you will sleep much better at night.”
In response to the incident, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an order (Emergency Directive 21-02) requiring U.S. federal civilian agencies have to address Microsoft flaws and to ensure that their own systems are protected, as Digital Journal reported.
Microsoft has issued an emergency patch for the issue, but many affected customers have yet to install and protect themselves from further damage.
