It has been a pretty challenging week for those who still manage and maintain on-premises Exchange servers, due to HAFNIUM targeting Exchange Servers with 0-day exploits.
Who Is HAFNIUM?
HAFNIUM is a state-sponsored advanced persistent threat group from China that is described as a “highly skilled and sophisticated actor.”
While HAFNIUM originates in China, the group uses a web of virtual private servers located in the US to try to conceal its true location. Entities previously targeted by the group include think tanks, non-profits, defence contractors, and researchers.
Our Take on the Situation
From what we have read online regarding the HAFNIUM Exchange Server hack, many organisations did not have a business continuation/response plan in place for this. Although Microsoft gave administrators guidance and a resolution in the form of scripts to run and patches to apply, we read that most seemed totally unprepared for this kind of situation, especially at scale.
Many may think that by shifting everything to the cloud all worries are over; however, challenges in the cloud may easily be of the same scale and impact. The cloud is a shared responsibility model, which means that Microsoft and the end user are both responsible for cloud security. In this specific case, the recent Exchange issues have largely fallen to Microsoft when it comes to the cloud.
Most cloud systems offer availability of over 99.99%, which allows a large amount of complacency to creep into internal systems and procedures, especially among those responsible for maintaining these systems, both internal staff and external third parties. Thoughts of disaster recovery and outage impact get put on the back burner and are never really addressed because there are always higher priorities.
In the end, it comes down to risk analysis. No matter where your systems are hosted, you always need to have an action plan for what to do in case of a disaster. But where do you start? That is where Veracloud has you covered. Contact us today to find out how to create a business continuity plan as well as discuss the different ways of migrating to a cloud or hybrid cloud setup.