The Microsoft Exchange Hack Increases Attack Volume on Massive Scale

The Microsoft Exchange Hack Increases Attack Volume on Massive Scale

The Microsoft Exchange Hack, covered previously in this article, continues to wreak havoc on businesses and governments around the world. Microsoft, working with RiskIQ, has been working tirelessly to close the discovered vulnerabilities. At the time of writing, the two solution providers closed 95 percent of all vulnerable or infected servers. 

However, Check Point Research discovered the number of attempted attacks has increased tenfold as a direct result of the Microsoft Exchange Hack. 700 record attack attempts occurred on March 11 whereas over 7,200 occurred on March 15. Most of these targeted government and military networks, with the United States among the most targeted countries. 

All of this highlights the ongoing cybersecurity perils of discovering and closing zero-day attacks and vulnerabilities. To learn more, we consulted cybersecurity experts.  

Expert Commentary: Microsoft Exchange Hack

Bryson Bort

Bryson Bort is CEO of SCYTHE

“When you look at the fact that ransomware has increased exponentially in the last year, it, unfortunately, makes sense that attackers would take advantage of such a critical and widespread vulnerability for financial gain. This shows why organizations have to assume they’ve been breached. However an attacker gets in, they are bound to be visible afterward. It’s especially incumbent on organizations to ensure that their vulnerability assessments service and their internal team are equipped to spot it.”

Saryu Nayyar

Saryu Nayyar is the CEO of Gurucul.  

“This flood of activity targeting the Microsoft Exchange exploits should come as no surprise. Cyber-criminals and other malicious actors know there is a finite time to act between the announcement of a vulnerability and the point where patches are released and in place.  That time is rapidly closing for the Microsoft Exchange vulnerabilities and they know it.  This just reinforces the need to quickly deploy the patch, because the attacks will continue as long as vulnerable systems remain exposed.”

Thanks to these experts for their time and expertise. You can learn more in the SIEM Buyer’s Guide

Ben Canner