March 17, 2021
The recent Microsoft hack: what you need to know and other best practices to protect your business or municipality from cybersecurity threats
Cape Cod 5 is committed to the protection and security of your information throughout all of the ways you bank with us, while also making you aware of other reported incidents or potential vulnerabilities that may impact systems outside of Cape Cod 5 that you may use for your business or organization’s operations. One such occurrence was recently announced by Microsoft. To assist you in keeping your organization secure, below is information on the recent hack at Microsoft. Also included are some best practices on how to prepare for and protect against cybersecurity attacks aimed at businesses and government entities.
Microsoft Exchange Server Attacks
What happened? Microsoft recently announced critical security patches for its Microsoft Exchange email server to correct weaknesses in the software that were being used by bad actors in broad-based attacks mainly aimed at small businesses and government organizations.
Is my organization impacted? If you use an on-premises or physical Microsoft Exchange Email Server (either located at your organization or at a data center), you should follow the steps recommended by Microsoft (see below). Due to the seriousness of this incident, Microsoft has provided security updates to older Exchange server versions that are no longer supported. Microsoft’s Office 365 (O365) cloud-based email system is not impacted by this attack and no further action is needed for customers using O365.
My organization has been impacted. What steps should be taken? If you use a Microsoft Exchange physical email server in your technology environment, you (with your tech support) should immediately take the steps advised by Microsoft to protect your system:
In recent days, Microsoft and the U.S. government have emphasized the criticality of protecting systems from these attacks with quick action due to the escalating numbers of attacks.
What else can I do? Please see below for additional information on protecting your organization from other types of cybersecurity attacks.
Prepare and Protect
With attacks against businesses and governments rising each year in both number and sophistication, businesses and government agencies of all sizes should take preventive measures to protect themselves and their data. Below is some additional information and resources to assist you in building cyber awareness and cyber readiness into your organization:
Understand the Risks
Understand the types of attacks that may target your organization, and the risks they carry, to better understand how to protect yourself. Malware (or malicious code) refers to unwanted files or programs that can cause harm to your systems, including by stealing data (such as customers’ credit card numbers) or altering information (such as altering bank account data so funds are sent to the attacker). Ransomware is a type of malware that encrypts computer files until a ransom is paid.
Keep systems up to date
Ensure systems and applications are regularly updated to the latest version and updates are applied as released (many systems allow these to be applied automatically). If your software vendor no longer offers updates for your software, you should upgrade or obtain a different application.
Train employees to be cyber-aware
Cybercriminals often rely on employee errors to access systems to execute attacks (for instance, opening an email attachment containing malicious code). Training employees to take security precautions (such as using strong passwords and not clicking on suspicious links or email attachments) can strengthen your organization’s security.
Utilize Security Tools
Install security tools such as antivirus software, firewalls and email filters (and keep them updated). Perform frequent backups stored in a separate location to restore your system in the event of an attack.
Create an Incident Response Plan
While no one likes to think about being the victim of a cybersecurity attack, having a plan that includes contact information and response plans can help you respond quickly in the event of a breach and help minimize the damage.
These tips are intended to be an overview of actions to help protect your organization. For additional tools to help you implement cybersecurity practices in small businesses and government agencies, you can download the Cybersecurity and Infrastructure Security Agency’s Cyber Essentials Starter Kit and, for a deeper look, the Cyber Essentials Tool Kit.
Want to find out more? Visit the following resources:
Microsoft Security Team – Protecting on-premise Exchange Servers against recent attacks
Cape Cod 5 Security Center
DHS – 5 ways to Cyber Secure - https://www.cisa.gov/sites/default/files/publications/NCSAM_WorkSecure_2020.pdf
CISA Protecting Against Ransomware https://us-cert.cisa.gov/ncas/tips/ST19-001
CISA What is Cybersecurity https://us-cert.cisa.gov/ncas/tips/ST04-001