In the U.S., the right-leaning political organization, the Republican Governors Association (RGA), has revealed via data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign.
This issue, as Forbes reports, affecting Microsoft technology that hit organizations worldwide in March 2021. However, it has taken until September 2021 for the information to enter the public sphere. While RGA said that it was unsure if personal information was impacted as a result of this incident at first, a subsequent effort to identify potentially impacted individuals revealed that names, Social Security numbers and payment card information were indeed exposed in the attack.
Looking into the incident for Digital Journal is James Carder, Chief Security Officer at LogRhythm.
Carder recounts that the issue that afflicted Microsoft has never fully gone away: “We continue to see the effects of the Microsoft Exchange zero-day attack more than six months after news broke of the extensive hacking campaign, including additional vulnerabilities and breaches that followed the March attacks.”
This opens up bigger implications for the control of information technology systems. Carder is forthright when he says: “This serves as a reminder that our government and organizations that support elected officials continue to be highly sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged and the often-inferior defenses that allow easy exploitation.”
He adds that we must expect attacks to continue in earnest, finding: “Criminal organizations and nation state threat actors continue to ramp up attacks on our government and critical infrastructure entities like we have seen many times this year already.”
There are lessons from the latest attack that needed to be considered by the most vulnerable organizations. Carder recommends: “Government entities and organizations need to recognize that the possibility of a cyberattack is only increasing with time and they must take pivotal steps to successfully prepare for attacks.”
He adds that: “To prepare, organizations must patch aggressively, limit privileged access, create backups, prepare a response plan and prioritize educational training. As with anything in life, it’s about how you can respond to these attacks and that’s not something organizations want to do without practice and a plan.”
