What You Need to do in Response to the Microsoft On-Prem Exchange Hack

User Review
0 (0 votes)

If you haven’t been paying attention to the news recently, we’ll catch you up. Recently, Microsoft fell victim to a Chinese-based group of hackers (they’re calling them Hafnium) who have been targeting US-based companies via their on-prem Exchange servers. Specifically, this group is targeting data from industries like defense contractors, higher education, policy think tanks, infectious disease researchers, and more. It’s unclear exactly how many people were affected by the attack, but some sources have reported more than 250,000 affected users worldwide. 

Microsoft has called the group “a highly skilled and sophisticated actor” with very focused and specific attacks. Here’s how the attacks work: “First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undisclosed vulnerabilities to disguise itself as someone who should have access. Third, it would use that remote access…to steal data from an organization’s network.”

Once these skilled actors are inside a network, CISA has warned that Hafnium hackers can easily take control of an entire network—exploiting all of your sensitive and private data.


JourneyTEAM Keeps You Protected

As soon as Microsoft learned of the hacks, they released a number of security patches to help safeguard users’ systems against Hafnium. Microsoft leaders stated:

“Because we are aware of active exploits of related vulnerabilities in the wild (limited targeted attacks), our recommendation is to install these updates immediately.”

Installing these new security patches is just the first step to boosting your security however. Leaders have also stated: “Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems.”

No system is completely immune to a hacker—these groups are extremely crafty and very good at finding even the smallest holes in your system. So how do you shield your network from these groups? How do you find weaknesses in your network? What’s the first step?

JourneyTEAM is your first step. We provide a comprehensive check of your entire Microsoft 365 system as well as cloud migration services to help you build a more secure network.


Is Your Tenant Really Secure?

Your network is an incredibly complex thing—even if you come from a small business. There may be programs, processes, and systems lurking in the outer reaches of your tenant that are potential security risks. The only way to know if they’re there is with a Microsoft 365 health check provided by JourneyTEAM.

Our scan searches through your entire network, looking for any outdated programs, legacy software, and other potential security risks. Specifically, we look at: 

  • Azure AD settings review and update: This includes MFA and SSPR enrollment and registration, app integration for admin consent, and device integration.
  • Office 365 service settings: An overview of Microsoft Teams, Power Apps, Power Flow, and SharePoint is done as well as an Exchange online service, including retention, archive policies, anti-phishing set up, and more.
  • Licensing review: We’ll ensure that all your software licensing is current and the best for what you need.

With routine health checks of your Office 365 system, you’ll be alerted to any potential gaps, weaknesses, or vulnerabilities in your system. This enables you to take the necessary steps to resolve them and build a more secure network.


Cloud Security is Best

One of the biggest reasons that more and more organizations are migrating to the cloud is security. And arguably the most secure cloud available is Microsoft Azure. In fact, Azure has been praised by the US pentagon for it’s security measures, including built-in firewalls, consistent software updates, AI and patching tools, data redundancy, third-party testing, and more.

With Azure, security has been built-in to essentially every feature, making it one of the most secure cloud solutions on the market. If cybersecurity is a top priority for your organization, it’s time to leave your on-premise servers behind and make the move to the cloud.

However, deploying your own cloud environment is not a small task. There are thousands of things to consider as you begin setting up a cloud migration strategy, and it can quickly get overwhelming. To ensure a successful migration, contact JourneyTEAM. We’ve helped dozens of teams move successfully into the cloud with little disruption to business processes.

Contact JourneyTEAM Today

With the constant threat of cyber attacks, it’s crucial that your tenant have the best security measures in place. Without them, your sensitive or private data is at risk of being accessed by any number of cyber criminals. At JourneyTEAM, we’ll use our Microsoft 365 health check and customized cloud migration strategy to ensure your network is 100% protected. Don’t wait for an attack to happen—contact JourneyTEAM today to take the first step to a more secure system.

Rhett Thumbnail ImageArticle by: Rhett Arave – Azure Team Member

Rhett.Arave@journeyteam.com | (801) 938-7825  or  (208) 680-2617 

JourneyTEAM is an award-winning consulting firm with proven technology and measurable results. They take Microsoft products; Dynamics 365, SharePoint intranet, Office 365, Azure, CRM, GP, NAV, SL, AX, and modify them to work for you. The team has expert level, Microsoft Gold certified consultants that dive deep into the dynamics of your organization and solve complex issues. They have solutions for sales, marketing, productivity, collaboration, analytics, accounting, security and more. www.journeyteam.com