Here’s What You Should Know About the Microsoft Exchange Server Hack

April 7th, 2021 Single Point Global

We’re only three months into 2021, and it’s already been an eventful year.

The Microsoft Exchange Server hack, our focus in this article, is one of many reasons for this.

What Happened to the Microsoft Exchange Server?

If you don’t yet know about this major cybersecurity problem, here’s some context: a Chinese digital espionage unit called Hafnium compromised the data of over 30,000 organizations across the U.S., including the private information of local governments and quite a few small businesses.

The attacks likely began as early as January 6 and continued to spread well into March, relying on four recently discovered vulnerabilities in the Microsoft Exchange Server email software.

And the unit responsible for the attacks? They planted hundreds of thousands of tools allowing them to gain remote access to the affected systems.

In short, Hafnium leveraged the bugs found in on-prem Exchange servers to hack into users’ email accounts. The FBI released a statement on the attacks.

What Are the Critical Vulnerabilities Involved in the Hack?

Hafnium used four bugs to break into users’ private email:

  1. CVE-2021-26855

This server-side request forgery (SSRF) vulnerability gave attackers the means to send arbitrary HTTP requests that let them authenticate as the Exchange server.

  2. CVE-2021-26857

This insecure deserialization vulnerability allowed Hafnium to deserialize untrusted data and run code as SYSTEM in the Exchange Unified Messaging service.

  3. CVE-2021-26858

This post-authentication arbitrary file write vulnerability allowed hackers to write a file to any path on the Exchange server.

  4. CVE-2021-27065

Another post-authentication arbitrary file write vulnerability, this bug also let attackers write a file to any path on the Exchange server.

The latter two bugs only work after authentication. To get there, hackers could exploit the first vulnerability listed above or compromise the credentials of an actual admin.

How Can I Check My Servers’ Vulnerability?

If you’re concerned about your team’s cybersecurity, rest assured that Microsoft is well aware of the vulnerabilities that occurred this winter. By March 22, the tech giant had applied patches (or outright mitigations) to 92% of on-premises Exchange servers.

Nonetheless, Microsoft has instructed IT administrators and consumers to apply these security fixes as soon as possible. If you haven’t already, you’ll also want to do some digging and make sure you weren’t previously compromised.

Interim mitigation solutions are available if you can’t patch right away. And if you’re still worried, just know that your cybersecurity team has got you covered.

Have questions or insights into protecting your data? SinglePoint Global can help. Please contact us for details.
