Exchange Servers: Not Out of the Dog House Yet
March 25, 2021
Here’s a chilling statement I spotted in “Microsoft Servers Being Hacked Faster Than Anyone Can Count”:
This free-for-all [Exchange Server] attack opportunity is now being exploited by vast numbers of criminal gangs, state-backed threat actors and opportunistic “script kiddies”… Because access is so easy, you can assume that the majority of these environments have been breached.
The statement is attributed to Antti Laatikainen, senior security consultant at the cyber security firm F-Secure.
Is this accurate?
The ever-fascinating digital publication Windows Central ran a story with a headline that offers a different point of view: “Microsoft Says 92% of Exchange Servers Have Been Patched or Mitigated.”
The discussion about these different views raises a number of questions:
- Does Microsoft want to remediate its business processes to make its products and services more secure? (More security means more difficulties for certain government agencies who use security as a way to achieve their objectives.)
- Can security professionals be trusted to identify security problems or issues? (The SolarWinds misstep went undetected for months, maybe as long as two years, before information about the issue surfaced in a FireEye statement.)
- Can continuous development and update processes deliver acceptable security? (The core business process may exponentially increase the attack surface with each fast cycle change and deployment.)
How secure are “patched” Exchange servers? A very good question indeed.
Stephen E Arnold, March 25, 2021