Mass Cyber Exploitation: On-Prem Exchange Servers

What is the Security Issue?

In early March, multiple vulnerabilities in Microsoft Exchange Server led to mass security problems for our customers and organizations around the world. By exploiting these vulnerabilities, attackers were able to gain administrator rights not only for the compromised server, but in many cases for the entire network. Microsoft claimed they were “limited and targeted attacks” but, from our research and experience, the spread was much larger. The HBS ESRM team responded to a large number of incidents involving the Exchange Exploits. Alarmingly, the majority of the endpoints involved in these cases had antivirus or EDR solutions installed—meaning the exploits slipped past most preventive security products.

How does it impact you?

So, how can small and medium organizations in the Midwest defend against mass cyber exploitations perpetrated by nation-state threat actors? If the largest and most sophisticated technology companies cannot stop cyber attacks, how vulnerable are you? And, if attackers are blowing by preventative security products, what options do organizations have to defend their networks and data? These questions along with insights on the Microsoft Zero Day Exchange Exploits will be discussed in this webinar. Todd Heinz, Director of Enterprise Security Risk Management, David Donnelli, Incident Response Practice Manager, and Steve Kjenner, HBS CISO will offer strategies to defend against what seems to be indefensible.