Has the HAFNIUM Attack Made On-Premises Exchange Too Risky to Maintain?
“Microsoft continues to see multiple actors taking advantage of unpatched systems to attack organizations with an on-premises Exchange Server.” March 8th, 2021. Microsoft Threat Intelligence Center (MSTIC). By now you’ve all heard the news about the continuing attacks taking place against on-premises Exchange servers globally, which is believed to have been orchestrated by HAFNIUM. According to MSTIC, “HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.”
SECURITY
Richard Dean
3/21/20211 min read
I imagine many organizations not just in the United States but around the world are asking themselves right now, “Did the HAFNIUM attacks make on-premises Exchange too risky to maintain?” Over the coming days, weeks, and months many organizations are going to start calculating the risk and cost of operating on-premises Exchange and the related systems as a long-term strategy.
Many of these organizations will identify the business drivers to justify the full consolidation of their on-premises Exchange infrastructure in favor of services and features available in Exchange Online and Microsoft 365. As Tony Redmond, Microsoft MVP and noted author stated in his recent Practical365.com article on this topic, “The bottom line is that if you can move email off on-premises Exchange to the cloud you should do so as quickly as you can.”
What does it take to decommission an on-premises Exchange infrastructure?
