JourneyTEAM

What to Know About the Microsoft On-Prem Exchange Hack

Email | Print

If you’ve been following the news lately, you’re aware of the recent cybersecurity breach of Microsoft’s on-prem Exchange servers. The breach was organized by a Chinese-based group Microsoft named ‘Hafnium’. The group primarily targets companies in the United States for the purpose of exfiltrating information. Specifically, they’re targeting industries like higher education, infectious disease researchers, policy think tanks, and defense contractors. 

Microsoft Corporate Vice President Tom Burt described the attacks this way: “First, it would gain access to an Exchange Server either with stolen passwords or by using the previously undisclosed vulnerabilities to disguise itself as someone who should have access. Third, it would use that remote access…to steal data from an organization’s network.” Some reports have found that in addition to the breach, Hafnium is using malware to ensure long-term access to Exchange Servers.

While any type of cybersecurity attack is concerning, CISA has warned that Hafnium threats must be taken seriously and dealt with immediately. If ignored, Hafnium will eventually access and take control of your server, exploiting every last bit of your sensitive data.

Boost Your Security with JourneyTEAM

To keep users protected against Hafnium, Microsoft released security patches for multiple Exchange versions. Leaders stated: “Because we are aware of active exploits of related vulnerabilities in the wild (limited targeted attacks), our recommendation is to install these updates immediately.”

However, these patches are not enough to completely safeguard your system. Executives have further stated: “Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of unpatched systems.” 

There’s thousands of groups across the world that are notoriously good at hacking into your system through the smallest hole. So what’s the best way to defend your network? Where do you start? The first step is by taking a comprehensive look into your entire Microsoft 365 system with a health check provided by JourneyTEAM. Next, if you haven’t already, we’ll help you migrate into the cloud. 

Identify Security Vulnerabilities with a Microsoft 365 Health Check

The first step to defending your tenant starts with finding where security vulnerabilities exist. At JourneyTEAM, we help you do this with a thorough scan and health check of your Microsoft 365  network. Our scan (a document that’s over 100 pages long) searches for things like:

  • Outdated programs or legacy software
  • Current SSPR registration and MFA enrollment
  • Appropriate licensing bundles
  • Overall health of Microsoft Teams, Exchange online service, Power Apps, Power Flow, and SharePoint.
  • Azure AD settings, including app and device integration

Scheduling regular scans of your Office 365 system alerts you to any potential security gaps, allowing you to resolve them before a security breach occurs. Plus, you’ll have the peace of mind knowing that your tenant is protected by security best-practices and up-to-date software.

Eliminate Potential Security Risks by Migrating to the Cloud

If you’re still storing your documents, photos, videos, and reports on a hard drive, it’s time to move to the cloud. Especially considering that hackers can easily utilize malware and phishing to get access to your on-premise servers. Many cloud providers, Microsoft included, are using more robust and powerful security measures to keep data secure. Consistent security updates, ultra-backed up data, third-party security testing, AI tools, and data encryption are just some of the measures taken by cloud companies. 

Microsoft’s cloud solution, Azure, has been consistently praised for it’s top security. The solution is routinely updated with security best practices to safeguard data from hackers, and to ensure that every access point is protected. The Azure Security Centre allows team members and IT professionals to make changes and manage security threats from a single location. 

While the benefits of cloud migration are many, making the move is a lengthy, complicated task. JourneyTEAM has aided many companies with cloud migration, and we’ll help you put together a migration strategy that fits the unique needs of your business.

Contact a JourneyTEAM Representative to Get Started

The threat of cyber attacks is constant, which means your tenant has to be completely protected. JourneyTEAM helps you take those first steps to a more secure system with an extensive health check of your Microsoft 365 system and with a cloud migration strategy that’s tailored to your business’ unique needs. Contact JourneyTEAM now to learn more. 


Article by: Rhett Arave – Azure Team Member

 [email protected] | (801) 938-7825 | (208) 680-2617 

JourneyTEAM is an award-winning consulting firm with proven technology and measurable results. They take Microsoft products; Dynamics 365, SharePoint intranet, Office 365, Azure, CRM, GP, NAV, SL, AX, and modify them to work for you. The team has expert level, Microsoft Gold certified consultants that dive deep into the dynamics of your organization and solve complex issues. They have solutions for sales, marketing, productivity, collaboration, analytics, accounting, security and more. www.journeyteam.com

Related Posts



Ask This Expert a Question or Leave a Comment