top of page

What to do About the Microsoft On-Prem Exchange Hack

Updated: Aug 3, 2023

How JourneyTEAM, experts in authority and security, can help you stay secure against professional hackers.

It’s been a few weeks since Microsoft announced the on-prem Exchange hack, but many users worldwide are still alarmed about the attack—and for good reason. While it’s unclear exactly how many Microsoft users were affected by the breach, it’s estimated that at least 30,000 US customers were affected and 250,000 globally.

cybersecurity and identity access

Microsoft has stated that the attacks came from a “highly-skilled and sophisticated actor” that they’re calling Hafnium. Based in China, this group targets entities based in the US to steal information from a number of industries, including law firms, defense contractors, infectious disease researchers, policy think tanks, and more.

Once Hafnium gains access to an organization, they steal data like emails or contact information and use it to enter a user’s account database. Some attacks have even utilized additional malware to gain long-term access to systems, including credentials, files, and inboxes. If not addressed quickly, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned that Hafnium could take control of an entire enterprise network, exploiting every last one of an organization’s vulnerabilities.

Stay Protected from Cyber Attacks with JourneyTEAM

In response to the hack, Microsoft strongly encouraged all users to update their Exchange server to apply new security updates to protect against Hafnium hacks.

Microsoft stated: “Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems.”

keys in desk drawer

Similar to common household pests that find their way inside homes through the smallest crack, hackers do the same. They’re notorious for finding and exploiting the smallest gap or insecurity in a system and worming their way inside.

So how are you supposed to keep your system safe from not just Hafnium, but other cyber criminals as well? How can you ensure that every entrance point into your system is secure? It starts with a Microsoft 365 health check from JourneyTEAM and migrating from legacy software to the cloud with the help from a Microsoft gold partner.

How Secure is Your System Really?

It’s much harder to protect your system if you don’t know where your weak spots are. While your IT team can run a routine risk assessment, a complete health check of your Office 365 system by JourneyTEAM provides a comprehensive look at your system and where you’re most at risk for attacks.

various tools

Using industry-leading best practices, we ensure that all sensitive or private data is secure, and that you have the most potent security system protecting your network. Our health check includes, among other things, a review of your Azure AD and Office 365 Service settings, including:

  • Tenant name and properties

  • How your identities are or are not secured

  • User and device settings

  • App integration settings for user/admin consent

  • SharePoint service settings, including security and default sharing

  • OneDrive service settings

  • Flow and PowerApp security settings

  • Teams service settings, including guest access, app integrations, and federation posture

Getting a regular tune up of your systems ensures that you’re not running any old, outdated, or insecure software or programs. Additionally, you’ll have the peace of mind knowing your system and your tenant are protected with the latest security requirements and best practices for maximum performance. Still Not in the Cloud? In many ways, the cloud is more secure than traditional on-prem servers. One of the biggest reasons for this is that many companies, Microsoft included, have implemented more security measures with cloud data than on-prem servers. Additionally, cloud servers are usually stored in locations that most don’t have access to. Data stored on the cloud is typically encrypted and has additional controls you can configure for protecting and preventing this data from getting into the wrong hands. Finally, the cloud features consistent updates, features patching to safeguard data, built-in firewalls, data redundancy, and third-party testing to ensure optimum security.

windows logo

With Azure, Microsoft’s cloud storage solution, security was built into every aspect of the solution. It’s continuously updated to ensure that every access point is kept secure from hackers and the latest threats. By migrating to the cloud, following best security practices and keeping employees trained and up-to-date on how to safeguard data is so much easier. Everything can be done right from the Azure Security Centre. Additional Microsoft products like Azure Active Directory, MFA, and InTune ensure that only authorized users have access to sensitive or private information.

If you’re still using an on-premise server, it may be time to migrate to the cloud. However, this migration is not an easy task. At JourneyTEAM, we’ve helped numerous organization’s migrate to the cloud with little disruption to businesses processes, and we’re happy to do the same for you.

For any additional questions, please contact Journeyteam at (801) 565-9199.


bottom of page