I continue to be amazed in my day-to-day virtual conversations by how many people are unaware of one of the most devastating compromises ever to happen—the recent compromise of Microsoft’s Exchange versions 2013-2019. It is critically important for all Microsoft Exchange users that are using Exchange On-Premises (such as those using Office 365) to be aware of the compromise because it could have a significant impact on your business.
Microsoft announced that its Exchange versions 2013-2019 were compromised and issued patches for the vulnerabilities on March 2, 2021 [view related post]. It is estimated that more than 30,000 U.S.-based companies will be affected by the compromise, which gives the attackers access to emails and potentially to other information technology assets. This is extremely serious, yet many people are unaware of the gravity of the issue and how it could impact their business.
The U.S. Cybersecurity & Infrastructure Security Agency issued an alert for leaders of companies on the compromise:
An adversary can exploit this vulnerability to compromise your network and steal information, encrypt data for ransom, or even execute a destructive attack. Leaders at all organizations must immediately address this incident by asking their IT personnel:
- What steps your organization has taken;
- Whether your organization has the technical capability to follow the guidance provided below; and
- If your organization does not have the capability to follow the guidance below, whether third-party IT security support has been requested.
Leaders should request frequent updates from in-house or third-party IT personnel on progress in implementing the guidance below until completed.
C-Suite executives and leaders of companies may wish to learn more about the compromise and how it could affect the company and to evaluate this guidance from CISA as soon as possible.