As you may have heard in recent news, Microsoft’s Exchange Server (Microsoft’s long-running mail & calendaring server) has been the victim of an ongoing cyber hack since January of 2021. This hack has exposed various organisations email data to a Chinese hacker group dubbed “Hafnium”. So, as partners of Axiom IT and users of many Microsoft tools, you’re probably wondering if this affects you.
IS MY DATA IN DANGER NOW?
Thankfully, you can rest easy knowing that this hack does not apply to you. While Exchange Server is still widely used around the globe, many people, including Axiom IT clients, have already converted to Microsoft’s cloud-based system, Exchange Online. This service, that is provided within Microsoft 365’s subscription bundle, is not under threat.
The difference between Exchange Server and Exchange Online is that it is a service that operates in-house for the businesses that use it, rather than operating online and within the cloud. This means that only organisations operating the mail server physically within their own premises have been targeted.
One of Microsoft Cloud’s biggest benefits is security. Microsoft prides itself on having the best engineers globally keeping your cloud service secure at all times. So much so that many analysts currently believe this attack will lead to an increase of businesses upping their security measures and transitioning to Microsoft’s cloud-based systems because of their inherent safety. Axiom IT harbours the same beliefs and only encourages those who haven’t transitioned to cloud to do so as soon as possible.
WHAT DOES THIS MEAN FOR THE FUTURE?
While you are not in any immediate danger from this hack, it doesn’t mean there won’t be attempts to breach cloud data in the future. Security is always at the forefront of our approach at Axiom IT and we will make certain you have the necessary tools and knowledge to combat against future cyber threats.
As stated by one of Microsoft’s corporate vice presidents, Tom Burt, the first step these hackers took in this attack was gaining “access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access.” This alone is a strong reaffirmation of the importance of our security on all levels, particularly passwords. It is also an indicator of the growing irrelevance and risk of using email, which a growing majority of our clients are already ahead of the curb on (see more here).
To learn more about keeping you and your business secure read our article on it here and here. And while we are safe now, it is no time to drop our guard. Like always, let’s keep our wits about us and stay secure.