Connect with us

Hi, what are you looking for?

Business

MSFT database vulnerable serves as a wakeup call

Microsoft has cautioned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases.

China says Washington hack claims 'fabricated', condemns US allies
The Microsoft hack, which exploited flaws in the Microsoft Exchange service, affected at least 30,000 US organizations including local governments as well as organizations worldwide - Copyright AFP/File SANJAY KANOJIA
The Microsoft hack, which exploited flaws in the Microsoft Exchange service, affected at least 30,000 US organizations including local governments as well as organizations worldwide - Copyright AFP/File SANJAY KANOJIA

CNBC has published a story reporting an announcement from Microsoft that warns thousands of cloud customers about exposed databases. This warning has come from an email issued by the technology firm.

In the email, Microsoft states: “We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key.” Perhaps not, but a level of concern continues to exist.

In issuing the warning, Microsoft has cautioned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases.

The news follows a situation where Microsoft was breached by the same suspected Russian hackers that infiltrated SolarWinds, who also stole Microsoft’s source code. Ransomware groups began using the flaw to install their malicious programs.

The story comes at an interesting time, with many businesses moving data to the cloud amidst the pandemic but neglecting to protect that data beyond perimeter security. Cloud computing cloud computing delivers computing services – including servers, storage, databases, networking, software, analytics and intelligence – over the Internet, and represents an increasingly used business service.

Looking into the matter for Digital Journal is Gary Ogasawara, CTO of Cloudian.

Ogasawara begins my commenting on the importance of the announcement and its ramifications: “Microsoft’s warning should serve as a wakeup call for organizations relying solely on their cloud provider for security.”

He adds that the affected companies have no option other than to “Take matters into their own hands to safeguard their data, most importantly protecting it at the storage layer.2

As to how to manage this, Ogasawara recommends: “This includes encrypting data both in flight and at rest to keep cybercriminals from reading it or making it public in any intelligible form.”

He adds as a further thought: “In addition, organizations should have an immutable (unchangeable) backup copy of their data. Immutability prevents such criminals from altering or deleting the data and ensures the ability to recover the uninfected backup copy in the event of a ransomware attack, without having to pay ransom.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

This transmission electron microscope image shows SARS-CoV-2—also known as 2019-nCoV, the virus that causes COVID-19—isolated from a patient in the U.S. Virus particles are...

Life

If all this very basic information makes the point that these drugs are truly bad, that was the good news. The news for users...

World

WikiLeaks founder Julian Assange will learn Monday whether he can appeal to Britain’s Supreme Court against a High Court ruling.

World

French designer Thierry Mugler, who reigned over fashion in the 1980s, died on Sunday at the age of 73 of "natural causes".