Privacy, Technology and Perspective
Small Businesses and Local Governments In Cyberwar Crosshairs? On March 5th, security blogger Brian Krebs reported that an “unusually aggressive Chinese cyber espionage unit” had gained access to more than 30,000 U.S. organizations” by exploiting flaws in Microsoft Exchange Server email software. To read Krebs’ post, click the following link:
Microsoft’s Security team has reported that “the target of these attacks is a type of email server most often used by small and medium-sized businesses, although larger organizations with on-premises Exchange servers have also been affected.” Organizations utilizing an on-premises Exchange servers should be taking steps to mitigate the latest vulnerabilities, if they have not already. A link to Microsoft’s blog detailing the mitigation steps that should be taken follows:
In addition, we three suggestions:
1. Protecting your company’s systems and data is critical, even for small organizations.
Small businesses, schools and local governments have been the primary victims of this hack. Yet, this isn’t the first time that small organizations have been targeted by a nation-state, and we still often hear: “These are nation-state attacks. Why on earth do you think [the Chinese government] wants to hack our [small rural county, florist shop, local parts company]? What have we got that would be worth that trouble and cost?”
Answers: (a) Your systems can serve as a backdoor — attackers can steal personal and financial information, hijack other devices, access additional systems and install additional malware; (b) Your data is valuable — We are living in a time where the competition between the United States and China for Artificial Intelligence (“AI”) primacy is raging – AI becomes smarter because of data, and more data usually means better AI. While your data, standing alone, may not be interesting, the aggregated data of thousands of businesses and governments, when analyzed, can provide unimaginable insights that are not just interesting, but even existential; and (c) A nation-state’s marginal cost to hack to your [small rural county, etc.] is nil. Foreign adversaries spend the money exploiting one seemingly trivial vulnerabilities in a supplier like Microsoft, and that’s how it gets to your company.
2. Immediate Response is Key.
Microsoft released emergency security updates. See above for the link to Microsoft’s blog detailing these updates, along with other mitigation steps. If affected, your systems need to be updated immediately.
The greater lesson is that active IT vigilance and immediate response and mitigation are essential. CISA has helpful alerts that your network administrator should monitor to stay current. A link follows:
3. When the U.S. Government assigns blame publicly, it is a big deal.
Yesterday, March 12th, Jake Sullivan, the National Security Adviser, announced that the U.S. Government” will be able to attribute the cyberattack to those who executed it in the near future.” A link to an article detailing his comments follows:
Such a release for disclosure is significant. An official announcement – or accusation – of the United States against another nation of an act of aggression on this scale is, itself, a major act of foreign policy, usually presaging a significant U.S. Government response of some kind.
Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.