Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

So Where Is All The Malware Hidden On Your System?

Cybercriminals are using new technology and techniques to evade detection. Learn more about how malware is hidden from antivirus software.

Continue Reading

Are You Practicing Webcam Security?

Hackers can access a webcam and it could simply be on without your knowing. Read tips for staying safe around devices with cameras.

Continue Reading

Why Your Organization Needs A Security Breach Notification Plan

All states have laws requiring organizations to notify individuals whose personal data is hacked. Learn more about why.

Continue Reading
print   email   Share

Microsoft Exchange Hack: Update Needed ASAP

KrebsOnSecurity has reported that an estimated 30,000 U.S. companies, small businesses, and government offices were hacked over several days in early March by an "unusually aggressive Chinese cyber espionage unit."

The goal of the cyber espionage unit, which Microsoft calls "Hafnium", was to steal emails from its victims. KrebsOnSecurity stated that sources familiar with the hack said the cybercriminals exploited four flaws in Microsoft's Exchange server email software. These flaws allegedly gave Hafnium full remote control over the systems they hacked.

According to the White House press secretary, "significant" weaknesses were found in Microsoft's Exchange servers.

The cybercriminals left a hacking tool called "web shell" on each system that they infiltrated. The tool is protected by an easy password and can be accessed from any internet browser, according to KrebsOnSecurity. It gives the hackers administrative access to the targeted computer servers.

Microsoft released a security update to patch 2013 to 2019 versions of Exchange in early March. It also notified U.S. government agencies of the breach. The Prague municipality and the Czech Ministry for Labor and Social Affairs were also allegedly impacted by the cyberattack. 

This is the eighth time in 12 months that Microsoft has reported state-sponsored cyberattacks.

A spokesperson for the Chinese Foreign Ministry responded to Microsoft's accusations by stating that there is not enough evidence to determine the origin of the cyberattack.

Exchange is used by companies, infectious disease researchers, defense contractors, law firms, non-governmental organizations, and universities, according to Microsoft. Fatma Khaled "At least 30,000 US organizations, small businesses and government offices were victims of Microsoft Exchange hack: Krebs" msn.com (Mar. 06, 2021).

Commentary

Microsoft recommended that Exchange users immediately install the updates it released in March. If your organization uses Exchange, require all employees to install these updates right away.

In fact, it is important to train employees to immediately install all patches to apps, software, and operating systems as soon as they become available. Updates frequently address a known vulnerability that is allowing cybercriminals to hack devices. Therefore, installing updates is one of the best cybersecurity practices you can instill in your employees.

Require employees to set their work computers and devices to update automatically. Train them to immediately install any legitimate patches that cannot be set to automatically update.

However, remind employees to be leery of any popups or emails that claim to contain necessary updates, even if they use the app it says it updates. Cybercriminals will often spread malware through fake updates.

Finally, your opinion is important to us. Please complete the opinion survey: