Monday, March 8, 2021

Hafnium and the Potential Problems on Microsoft Exchange Servers

 



For years we have referred to most of the Internet as The World Wide Web, which in a way was true even in the early days of the online world.  However, never has that term been more relevant than it is today.  I say that mainly not only because we can easily access computers located anywhere around the globe, but because we are more dependent on machines located in remote sites than ever before.

Think about that for a second... I'll wait.  Do you use Gmail or some other web-based email program?  If so, you have NO idea where your data is being stored.  In fact, due to backups, your data is probably in a number of different computers in a number of different data centers all over the planet.  Do you use any outside third-party service for patient communication, or even a web-based practice management platform?  In those cases, it's the same situation.

Now I'm way too much of a technophile to see any of this as a bad thing.  Matter of fact, I love the speed and efficiency all of this interconnectedness provides.  However, every upside has its downside, and so it is with our high-speed interconnected lives.  Part of the price we pay is the constant battle to keep data secure.  Of course, this isn't a battle that we fight as individuals.  Just like electricity and fresh water, we don't make our own.  We are dependent on others who are experts in their field to provide us with what we need... in this case security.  And that brings us to the root of today's post.

My grandfather used to always say, "Son, locks keep the honest people honest."  Which is really true.  If an honest person tries the door and it is locked, he leaves.  A dishonest person tries the door, finds it locked, and then throws a rock through the window and goes inside.  It's not that different with data security.  The interesting thing about data security is that we have all, every one of us, become so desensitized to being the victims of data theft that when we get an alert from Capital One, we yawn and move on with our lives.

Yet sometimes there is a weakness found in a system that is pretty severe and the general public probably needs to know.  Personally and professionally I'm always impressed when a company comes forward and admits to a security flaw.  Even though these problems are expected, it's rare that a company admits to it, for some reason.  I think they view it as a sign of weakness... sort of like Master Lock admitting that their best-selling model can be opened with a paper clip.  However, on the rare times that a company admits this, I say they deserve kudos.  It's a brave thing to do.

That's why I was impressed to see that Microsoft made an announcement about such a flaw last week when they revealed via a blog post that there is a serious security flaw in their Exchange Server software.  The post, which is attributed to Tom Burt - Corporate Vice President, Customer Security & Trust, announces that the company has patched a vulnerability in the Exchange Server software that was being exploited by a nation-state group of hackers.  The group is called Hafnium and is funded and sponsored by China.  It seems that this is the first time Microsoft has mentioned their existence and by doing so seems to be hoping to prevent the group from perpetrating more malicious attacks.

The post is a short, but very interesting read.  You can find it here...

I would advise that if you are using an outside vendor for things like email (we all are), or if you are running your practice management software from the cloud, you contact your provider and make sure their system is patched.  Chances are their answer will be "yes," as Microsoft has done a great job of creating a great amount of public awareness over this vulnerability, but it never hurts to be sure.
