Earlier this month, the tech world was buzzing with news of yet another major security incident: hundreds of thousands of organizations running on-premises Microsoft Exchange servers (including 30,000 in the United States) were discovered to have been breached using a previously unknown exploit-- giving the attackers, suspected to be a state-sponsored threat group, access and complete control over the impacted systems. The scale of this attack is unprecedented, and will have serious implication for many businesses and individuals far beyond the orbit of the primary 30,000 victims, who include universities, think tanks, government agencies, and small businesses.
Companies that were impacted by this attack also found that the attackers had planted backdoors to ensure persistent access, even after the initial exploit was patched. Given the number of affected organizations and endpoints, there is little doubt that it will take time to uncover the true impact of these attacks. Data theft, CEO fraud, malware distribution, and ransomware outbreaks are all possible consequences for the companies who were impacted directly, as well as for those who do business with them.
If you are one of FrameWork's customers-- you don't have anything to worry about on your end. Cloud-based Office 365 services were not impacted by this attack. The concerns lie in the companies that you do business with-- business partners, local companies, distributors, suppliers, and the like. Vigilance is more important now than ever--and FrameWork is here to help. Don't hesitate to reach out to us for advice or for a second set of eyes, we're here to help!
If you'd like to read more about the breach, check out the KrebsOnSecurity article HERE.