Millions are currently at risk as Hafnium exploits zero-day vulnerabilities in Microsoft’s Exchange servers’ Outlook Web Access. Wired reports that the hackers have responded to Microsoft’s patched updates, significantly increasing the automated attack. This attack is ongoing. Begin incident response immediately, especially if you use Microsoft Exchange on-prem.
NetCentrics Customers
The majority of our customers are safe because they operate a cloud-first operation. We are reaching out to any that might be at risk.
However, we encourage our customers – or others — to proactively contact us, immediately, for assistance moving to the cloud. This hack is dangerous and cloud migration is a necessary, pre-emptive step to protect against malicious actions. Small and medium-sized organizations are particularly at risk.
What is at Stake
The urgency of this attack is two-fold: first, compromised systems have a wide-open back-door. This can be used to steal data, insert ransomware, or burrow into the network and lay in wait for a bigger, coordinated attack. Second: this attack is massive, and affects everyone who uses Microsoft Exchange products. This is a blanket attack and has the potential to effect multiple industries, local government services, or critical physical infrastructure like energy suppliers or hospitals.
Again: we urge anyone using Microsoft Exchange to contact us for help with cloud migration to limit the reach and scope of this cyberattack.
More information:
Bloomberg
Security Affairs
ArsTechnica