Microsoft recently announced the discovery of a critical exploit in its Exchange Server products: these vulnerabilities are simple for attackers of any sophistication level to exploit. Microsoft has advised any organizations that use on-premise Exchange servers, or have servers with “OWA” websites open to the internet for any reason, to deploy these patches immediately, as well as evaluate their systems for any indicators of compromise (IOCs).
This exploit does not exist for organizations who have migrated to Microsoft 365, due to differences in how email is hosted. As the majority of our clients use Microsoft 365, only a few organizations partnered with Mytech have been exposed to this vulnerability at all.
As soon as Microsoft revealed the exploit and released the corresponding patches, Mytech acted immediately to assess risk to our clients and begin the deployment process. However, because the exploit existed for some time prior to Microsoft’s announcement, affected organizations may still be at risk: deploying the patch will not remove any malware or footholds that have already been installed by attackers. Our clients who were vulnerable for any period of time have already been informed, and consulted on their level of exposure and risk.
Because Mytech believes in defense-in-depth philosophy, we do not simply rely on a single point of failure – such as preventing entry to our clients’ networks. We also routinely check the networks themselves, monitoring for any suspicious activity and establishing safeguards to prevent and detect unauthorized actions. Put simply, IT security is not just about keeping threats out; it is also about catching anything that manages to get through.
Mytech and its partners in the cybersecurity world will be monitoring this situation as it develops, and will be ready to act on any new information that comes to light. And if the threat landscape changes for any of our clients, we will ensure they are informed and defended, to the best of our abilities.