Comment: US govt concern over a hack on Microsoft’s Exchange email software
March 2021 by Chris Hallenbeck, CISO, Americas at Tanium
The US govt has expressed growing concern over a hack on Microsoft’s Exchange email software that the tech company has blamed on China. Below is a rapid response comment on this from Chris Hallenbeck, CISO, Americas at Tanium.
“It has long been a tactic of nation-state intruders to monitor for signs of being discovered. This often included targeting the mailboxes of security staff. It’s only natural that attackers would want to tap into the broader wealth of information found on a mail server, and also use it as a beachhead into the organization’s network.
“Beyond the basics of deploying Exchange, most organizations likely lack the skills to perform detailed forensic examinations to determine what might have been stolen. This puts organizations in the unenviable position of assuming everything was taken. We can expect a flurry of breach notifications from this recent intrusion campaign.
“How governments will respond in an effort to rebuke the nation-state sponsors and reign in these massive hacking campaigns has yet to be seen, but it is clear that they must send a definitive message.
“As for network defenders, this is another example where even if you have extensive piles of security tools you are likely to experience some breaches. It is important to proactively instrument your networks to gather data and position your security teams so they can respond to the inevitable.”