SMBs Fall Victim to Sophisticated Ongoing Attack on Microsoft Exchange

Level5 Management Assists South Florida Businesses As IT Security Providers Scramble to Determine Which Organizations Have Been Affected

Level5 Management is assisting businesses throughout Palm Beach County to assess their IT security. All Level5 clients have been protected from the attack.

BOCA RATON — Over the weekend, the White House and U.S. national security officials issued an urgent warning, calling the massive zero-day attack on Microsoft’s Exchange business email an “active, ongoing threat.”

On Sunday, press secretary Jen Psaki stated that the situation will require “the whole of a government response.” 

Network operators and IT security providers around the U.S. are rushing to determine which organizations have been affected. The global cybersecurity crisis continues to evolve, with early tallies of victim organizations surpassed 40,000 as of Sunday. 

Risk to small and medium sized businesses

So far. victimized organizations have ranged from the European Banking Authority to utilities providers, construction companies, senior citizen homes, and even an ice cream company. 

Many of the victims are SMBs caught in the attackers’ rapid and haphazard effort to infect as many organizations as possible and capture their data.

Microsoft vulnerabilities

Microsoft — which originally believed the scope of the attack to be limited — says the breach originated with a Chinese hacking group called Hafnium.

Prior to last week, it appeared the group had been initially targeting organizations who housed high-value intelligence data. Last week, however, the hacking groups began automating mass exploitation attacks, compromising as many servers as possible around the world. Organizations of all sizes and industries are now at risk. 

Microsoft’s Exchange software is one of the most widely-used business email programs. Those affected appear to be businesses and organizations that host web versions of the email program on their own networks. Those that access the program through cloud providers seem to be unaffected. 

Microsoft released a patch against the security flaws, but the measure isn’t sufficient to prevent backdoor access to compromised servers. The “fix” also leaves networks open to serious vulnerabilities that would allow further attacks by others. 

In what’s being called a “global cybersecurity crisis,” organizations of all industries and sizes using Microsoft’s Exchange business email software are being affected.

Officials emphasize they “can’t stress enough that patching and mitigation is not remediation” if servers have already been compromised. It is critical that all organizations with vulnerable servers take steps immediately to determine exposure. At this point, many businesses simply don’t know if they’ve been caught in the wide net cast by the attackers. 

The IT security crisis comes just months on the heels of the SolarWinds breach that shook up the cybersecurity world. That breach compromised 9 federal agencies and hundreds of businesses. The implications of the current attack will be even further-reaching.

Protecting your business

Level5 provides the most sophisticated IT security solutions available and has worked fervently to ensure its clients’ total protection. Level5’s robust client roster includes firms across the financial, legal, healthcare, construction and professional services industries. Each of Level5’s clients have been completely insulated from both crises. 

Level5’s 24×7 security solution not only monitors known threats but also looks for patterns of activities on a particular device. These are patterns that may not fall into a known category but have been determined by a human security expert to be indicative of a threat forming in real time. As South Florida’s leading IT service providers and IT security experts, Boca Raton’s Level5 has stepped up around the U.S. and in its own Palm Beach County community to assist businesses amid the attacks.

For help determining if your business has been affected and securing your organization from these threats, please reach out. Level5’s IT security experts and service team are available via LiveChat on our homepage or by phone at (561) 509-2077