In early March 2021, Microsoft confirmed hackers were exploiting previously unknown vulnerabilities in its Exchange Server email software. Whilst security patches were swiftly released, we already know thousands of businesses have been targeted.
This attack is allowing the threat actor to gain access to the email Exchange Server either with stolen passwords or using the vulnerability to disguise themselves as legitimate access, ultimately to steal data from the network.
Whilst Microsoft has stated that the attacks were “limited”, there remains a risk these vulnerabilities could be more widely exploited in the near future. It is prudent to also consider that history suggests businesses are not always agile or swift to respond to patch updates. Microsoft found in April 2020 that a key patch that rectifies a critical flaw in the Exchange Server had not yet been implemented by tens of thousands of customers.
Crawford’s Cyber Team has already received numerous notifications from clients to assist with these attacks and we have a worldwide network of experienced responders able to assist. Whether from the outset through an incident management facility, or through the strategic management of the claim and costs through our loss adjusting service, we can assist.
Where required, we can introduce experts from our vendor network to assist with specialist advice in the management and investigation of this incident. We have favourable rates with our vendors and have opportunities for fixed fee arrangements where appropriate.
Any questions regarding these attacks or to further understand how Crawford’s specialist expertise and experience can assist and support clients in mitigating an incident; through containment, investigation, recovery and resolution, please contact Philip Roberts – philip.roberts@crawco.co.uk.
