
Microsoft flaws exploited by suspected Chinese hackers

By Tim Sandle     Mar 8, 2021 in Technology
In the U.S., federal civilian agencies have been instructed to address flaws in a popular Microsoft email software program. The flaws are connected to a suspected Chinese spying campaign.
A new Cybersecurity and Infrastructure Security Agency (CISA) order (Emergency Directive 21-02) requires U.S. federal civilian agencies to address, during March 2021, Microsoft flaws that are suspected to be involved in a Chinese spying campaign. The order requires agencies to either apply security fixes for the vulnerabilities in the Microsoft Exchange Server software or, if a compromise is found, to disconnect the program until it can be securely reconfigured.
The measures require federal agencies to apply security fixes for the Microsoft Exchange Server software’s vulnerabilities. Alternatively, organizations should disconnect the program until they can reconfigure it securely.
Steve Forbes, Government Cyber Security Expert at Nominet, tells Digital Journal that speed is of the essence but the process will be challenging. He notes: "Microsoft’s disclosure of significant vulnerabilities in its Microsoft Exchange Server software brings to the fore certain challenges and themes we have seen simmering under the surface for a long time in the realm of national cyber security."
To achieve this, there are three key steps required.
With the first, Forbes assesses the need for "alignment of cyber security issues between the private and public sector. There is a tendency to treat these as separate siloes - the security of businesses and the security of government organisations. However, these vulnerabilities demonstrate how flawed that view is. Not only are governments susceptible to software vulnerabilities like any business, but they also face the debate of how extensively to use cloud providers."
He adds: "While historically there has been a perception that it is more secure and robust to run your own infrastructure, this is a good example of where the opposite is true. These vulnerabilities don’t impact the Exchange Online SaaS versions and even if they did they would have been patched instantly, therefore providing instant protection without the pain of having to patch critical services and creating the potential for downtime."
For the second step, Forbes shows how the recent CISA issues "highlight the increasing frequency of attacks orchestrated by nation states. Microsoft were quick to attribute this attack to the Chinese hacking group Hafnium and it has been suggested that espionage is the key motive."
Finally, Forbes looks at the increasing role of government agencies in leading a coordinated response against attacks. He summarizes: "CISA’s directive on the 3rd March for agencies to report back on their level of exposure, apply security fixes, or disconnect the program, is the latest in a series of increasingly regular emergency directives that the agency has issued since it was established two years ago. Vulnerabilities like these demonstrate the necessity for these coordinated national protective measures to efficiently and effectively mitigate the effects of attacks that could have major national security implications."