Print Article

Microsoft's email software hack in jersey – are you ready for the JFSC and JOIC questions


The following story requires immediate action. Many firms in Jersey have been affected. And I'm sure both the JFSC and JOIC will follow up on this matter.

Microsoft's email software exploited by hackers compromising thousands of sites globally.

Originally businesses were being targeted, but once the criminals found out the vulnerabilities would be patched, they upped their attacks and went after every Microsoft Exchange server that was on. Organisations in the Channel Islands using Microsoft Exchange servers for emails are vulnerable. All internet-facing Exchange servers should be patched if not already done so.

Patching is too late if an organisation has already been compromised.  Firms need to find out if their systems have been compromised and secure them appropriately. If these systems have been compromised, they need to be isolated, forensics applied and ultimately rebuilt.

Being compromised is serious as data and credentials may have already been stolen.

Attacks such as this remind us all we are vulnerable, whatever the size or location of our business or organisation. Even if an organisation has not been affected, everyone needs to be aware of the increased risk of phishing attacks because of the potential of mass data breaches.

The attack may prompt more organisations to move to cloud-based email servers with automated security and identity management to make monitoring and maintenance more straightforward