Microsoft has confirmed that Chinese hackers were responsible for the attacks it announced on March 2 that exploited vulnerabilities in the standalone version of its Exchange Server mail and calendar software. The hackers have been targeting corporate and government data centers since January, but the vulnerabilities may go back as long as 10 years. Microsoft published a fix on Patch Tuesday (that’s the second Tuesday of every month), but now what?
Here’s a quick tip. Stop using the standalone version of Exchange Server. No one is hacking the Microsoft cloud or the Google cloud. When they do, it will mark the beginning of a cyber world war. No matter how big your in-house cybersecurity team is, it isn’t big enough to fight nation-state-backed armies of cyberwarriors. Like WOPR says, “The only way to win is not to play.” Stick a fork in Microsoft Exchange Server. It’s done.
Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.