Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Comment: US govt concern over a hack on Microsoft’s Exchange email software

March 2021 by Chris Hallenbeck, CISO, Americas at Tanium

The US govt has expressed growing concern over a hack on Microsoft’s Exchange email software that the tech company has blamed on China. Below is a rapid response comment on this from Chris Hallenbeck, CISO, Americas at Tanium.

“It has long been a tactic of nation-state intruders to monitor for signs of being discovered. This often included targeting the mailboxes of security staff. It’s only natural that attackers would want to tap into the broader wealth of information found on a mail server, and also use it as a beachhead into the organization’s network.

“Beyond the basics of deploying Exchange, most organizations likely lack the skills to perform detailed forensic examinations to determine what might have been stolen. This puts organizations in the unenviable position of assuming everything was taken. We can expect a flurry of breach notifications from this recent intrusion campaign.

“How governments will respond in an effort to rebuke the nation-state sponsors and reign in these massive hacking campaigns has yet to be seen, but it is clear that they must send a definitive message.

“As for network defenders, this is another example where even if you have extensive piles of security tools you are likely to experience some breaches. It is important to proactively instrument your networks to gather data and position your security teams so they can respond to the inevitable.”

See previous articles


See next articles