March 19, 2021

2021 Microsoft Exchange Server Exploit

Let Skycomp explain this exploit in a way that everyone can understand.

Today we are talking about the Exchange server exploit that happened a few weeks ago. Skycomp has clients that aren’t technically minded. Some of them are; some are just not in a technical field, technical as in understanding networks and cyber security. That’s more than okay! We don’t want to scare people away from reading about technology; we can explain it in a way that makes sense to you. Not that we are dumbing it down. We know that you’re an intelligent person, and not understanding how technology works doesn’t make you any less intelligent. It just shows you have focused your career, your learning, whatever you want to call it, toward what YOU are passionate about. Nothing wrong with that!

But in this article, we are going to attempt something different that no other IT company has attempted. (That we know of…) We are going to explain to you how this cyber security breach happened, why nobody caught it till now, and why you should be concerned about cyber security.

We should preface this: if you are a client of ours running an Exchange Server and you’re nervous about your data, we want to assure you that we have followed Microsoft’s instructions to install a patch to protect data. We are also constantly monitoring your Exchange systems for anything suspicious. If you aren’t with Skycomp Solutions, it might be a good time to check in with your IT department and ask a few questions:

1. Do I have any Exchange Servers?

2. Has any of my data been exploited?

3. Have you put any preventative measures in place?

All This Server and Exchange Stuff Doesn’t Make Any Sense. Why Would I Be Worried?

Serge, our CEO, gave a great analogy that describes what’s happening technically without being too confusing. It might sound like a funny example, but it really describes the possibilities of this exploit well. It also may scare you. Be warned: you might want to call up your IT department shortly after reading this…

Think of your Exchange Server like a car or truck, specifically a vehicle that has the passcode entry on the side of the door: physical buttons that range from 0-9, where you type in your special password, get into your car and drive off.

Now, you’ve owned this car for a while, put a bunch of coffee money in there, and you forget your wallet in there every night, with all your personal information.

The Car Company releases a statement that someone has leaked the master password number for every car of YOUR model. So, no matter if you have put in a custom number or changed it to something else, anyone with that master password can get into your car.

They also announce that someone in your area has been getting into cars, stealing everything, and adding in a custom password that will always let them into your car.

The Car Company says not to worry. They have released a patch for the car to reset the master password. The only problem is that you don’t know if your car has the thief’s password added in.

Now you’re stuck. You don’t want to buy a new car. What can you do?

Now let’s bring this language back to servers, specifically Exchange servers. Instead of your wallet or a bit of coffee money left in the car, it’s all your company’s private data.

Now don’t get this confused. It wasn’t someone setting up a bad password that allowed the hackers into your server. It was the initial design of the server that gave people a back door. So, don’t call up your IT company in a rage. Microsoft is to blame for this for sure.

The major lesson here is not to trust Microsoft with your data. Sure, they have other safety measures in place. It is not a ridiculous idea to trust them with some of your data.

But it is always smart to be proactive in your cyber security. Look for ways to get ahead of the hackers. That’s the constant battle we have in IT. How do we convince our partners to improve cyber security? Well, using Skycomp as an example, we just say it like it is and make the changes according to our Managed Service Agreement. We are also constantly looking for ways to be proactive. And we’ve been doing it for over fifteen years.

The only other question we must answer is why nobody caught this until a few weeks ago. The truth is, Microsoft didn’t realize the scale of this problem till someone dug a little deeper and found out. Most likely they couldn’t have known till they stumbled upon it. That’s what makes this so scary.

One other question that you might want answered is why Exchange servers are being hacked in the first place. Well, mostly it is a hacking organization from China known as Hafnium. But it’s not only them that are making this happen. This exploit has given many different hacking organizations the ability to get past security and get information from private servers.

The list of companies and organizations getting exploited by this backdoor includes thousands of state and city governments, fire and police departments, school districts, financial institutions, and other organizations. Just about 30,000 of them.

Hopefully, this article opened your eyes to what a cyber security breach can look like and what scale it can get to. It is something to take into consideration when looking for an IT provider or break-fix provider: will I be covered for events like this?

Keep asking questions, expect non-technical answers that you can understand so you can make the right decisions for your business.
