{"id":5265,"date":"2021-03-08T13:16:50","date_gmt":"2021-03-08T17:16:50","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=5265"},"modified":"2021-03-08T13:16:50","modified_gmt":"2021-03-08T17:16:50","slug":"microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/","title":{"rendered":"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations, Sparks Worldwide Crisis"},"content":{"rendered":"

\"Microsoft<\/p>\n

This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term<\/a>.\u00a0<\/i><\/b><\/p>\n

The cybersecurity world was rocked recently by the news that the Microsoft Exchange email server suffered from what appears to be a massive breach. According to sources, including <\/span>KrebsonSecurity.com<\/span><\/a>, a Chinese espionage group dubbed Hafnium exploited four zero-day exploits in the Microsoft Exchange email server.\u00a0<\/span><\/p>\n

Hafnium appears focused on stealing victim emails, while at the same time leaving behind \u201cweb-shells.\u201d These operate as malicious, password-protected backdoors into victim\u2019s IT environments, easily accessible over any Internet browser; additionally, web shells grant hackers administrative privileges over the accessed network.\u00a0<\/span><\/p>\n

KrebsonSecurity.com<\/span> reports the Microsoft Exchange Breach affects 30,000 enterprises in the U.S. alone, including small businesses and local governments. However, it appears Hafnium seeded web shells in hundreds of thousands of victim organizations\u2019 IT environments across the globe.<\/span><\/p>\n

\t\t\t

\"IAM<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n

Microsoft Exchange Breach Prompts Serious Response<\/b><\/h2>\n

On March 2, Microsoft issued emergency patches to close the exploited vulnerabilities. The next day, the Central Intelligence Agency (CIA) issued an emergency directive to all federal civilian departments and agencies, ordering any network running the vulnerable Exchange servers to immediately update the software or disconnect the product from the network.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n

White House Press Secretary Jen Psaki stated Friday “This is an active threat. Everyone running these servers — government, private sector, academia — needs to act now to patch them.”<\/span><\/p>\n

This is an emergency every business operating with the Microsoft Exchange email server must take seriously. You should immediately implement the emergency patches or remove\/disconnect the software from your network. Additionally, you need to have your IT security team investigate for potential backdoors into your network and attempt to close the web shells if discovered.\u00a0<\/span><\/p>\n

Expert Commentary<\/b><\/h3>\n

We connected with cybersecurity experts on critical next steps for businesses of all sizes.\u00a0\u00a0\u00a0<\/span><\/p>\n

Saryu Nayyar<\/b><\/h3>\n

Saryu Nayyar (she\/her) is CEO of Gurucul<\/a>.<\/span><\/i>\u00a0<\/span><\/p>\n

\u201cWith organizations migrating to Microsoft Office 365 en masse over the last few years, it’s easy to forget that on-premises Exchange servers are still in service. Some organizations, notably in government, can’t migrate their applications to the cloud due to policy or regulation, which means we will see on-premises servers for some time to come.<\/span><\/p>\n

\u00a0\u201cCISA’s emergency directive is timely and appropriate, as these vulnerabilities are being exploited in the wild now – apparently by threat actors based in China. This is another case that shows how vital it is to keep up with security patches and to make sure the organization’s security stack is up to the task of identifying novel attacks and remediating them quickly.<\/span><\/p>\n

Purandar Das<\/b><\/h3>\n

Purandar Das, CEO and Co-Founder of Sotero<\/a>.<\/span><\/i><\/p>\n

\u201cThe sheer volume of data that is exposed in this event(s) is monumental. This is a troubling sign where organizations relying on software from an entity such as Microsoft, may now have all of their communications in the hands of third party(s). The resulting damage both at an organizational level as well as the individual level can be both large and over an extended period of time. It may be very hard to recover from a hack like this. The true value of the information lost in such attacks is hard to estimate. What is interesting, is that this hack seems to be so easy to have executed even with all the perimeter defense in place. It is also concerning that many, if not most, of these affected organizations would have undergone periodic penetration testing of their external facing systems.\u201d<\/span><\/p>\n

<\/div><\/p>\n

Thanks to these experts for their time and expertise. For more on cybersecurity, check out our Identity Management Buyer\u2019s Guide<\/a> or our Solutions Suggestion Engine<\/a>.\u00a0<\/span><\/p>\n
Widget not in any sidebars
\n","protected":false},"excerpt":{"rendered":"

This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term.\u00a0 The cybersecurity world was rocked recently by the news that the Microsoft Exchange email server suffered from what appears to be a massive breach. According to sources, including KrebsonSecurity.com, a Chinese espionage group dubbed Hafnium […]<\/p>\n","protected":false},"author":41,"featured_media":4537,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,125,1564,16,112,1522,1204,76,425,1642,1643],"acf":[],"yoast_head":"\nMicrosoft Exchange Breach Jeopardizes 30,000 U.S. Organizations<\/title>\n<meta name=\"description\" content=\"This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/\",\"name\":\"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"datePublished\":\"2021-03-08T17:16:50+00:00\",\"dateModified\":\"2021-03-08T17:16:50+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg\",\"width\":800,\"height\":400,\"caption\":\"Morgan Stanley Suffers Data Breach Due to Third-Party Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations, Sparks Worldwide Crisis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer's Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations","description":"This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/","url":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/","name":"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","datePublished":"2021-03-08T17:16:50+00:00","dateModified":"2021-03-08T17:16:50+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"This article explains the Microsoft Exchange Breach and provides some expert commentary on what enterprises can do immediately and long-term.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/08\/new-hacker-image-resize-compressed.jpg","width":800,"height":400,"caption":"Morgan Stanley Suffers Data Breach Due to Third-Party Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/microsoft-exchange-breach-jeopardizes-30000-u-s-organizations-sparks-worldwide-crisis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Microsoft Exchange Breach Jeopardizes 30,000 U.S. Organizations, Sparks Worldwide Crisis"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer's Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5265"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=5265"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5265\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4537"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=5265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=5265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=5265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}