While companies and even governments are still calculating their losses from the SolarWinds (Solorigate) global hacker attack, a new disaster has arrived. In early March 2021, cybercriminals attacked Microsoft Exchange servers using the ProxyLogon vulnerabilities.
What do these two incidents, both contenders for the biggest hack of recent years, have in common, and how do they differ? In the case of SolarWinds, it was a targeted, well-planned, sophisticated attack. This attack was carried out by a highly trained group with large resources, allegedly sponsored by the state.
In the case of ProxyLogon, the main problem lies in the severity of the vulnerability, caused by errors made by the Microsoft developers, as well as in the wide use of the Exchange e-mail server. This vulnerability has turned out to be such a large hole in the server software that hackers of all stripes have rushed in to exploit it for a variety of purposes, from spyware and theft to commonplace cryptocurrency mining and spam.
As an urgent measure to protect your mail and your entire IT infrastructure from hackers, we recommend that you make sure your mail servers are up to date as soon as possible.
To mitigate cybersecurity risks in the long term, you need systemic information security management activities, including penetration testing (especially supply chain pentests) and monitoring of threats, vulnerabilities, and security events.
Contact us for a free consultation on securing your mail and all IT systems.