The SharePoint Vulnerability Crippling Governments
This ancient SharePoint vulnerability is a cautionary tale for businesses big and small… If you’ve been holding off on your SharePoint updates, now is your motivation to do it.
Software updates can often feel like an annoying task, small enough to push back and back. But in reality they’re an essential part of business security, improving compatibility, and enhancing your programs. Software updates fix vulnerabilities and ensure all your devices and apps are working as they should.
The cautionary tale of SharePoint vulnerabilities
In July 2019, hackers gained access to UN computer servers in Vienna and Geneva. In one of the largest-ever breaches of UN information, the hackers gained access to thousands of staff records, contracts, databases, and passwords.
After IT technicians discovered the attack, they worked through two weekends to isolate +40 compromised computers. 20 of which, had to be completely rebuilt.
The hackers accessed the UN’s servers by exploiting a SharePoint vulnerability. Microsoft had issued a fix for the SharePoint vulnerability earlier in 2019, but it’s unlikely those updates had been installed on UN servers at the point of the attack.
Fast forward three years, the same vulnerability is still making countless users vulnerable to attacks. Earlier this year, Iranian state-backed actors are believed to have used the same SharePoint vulnerability to target the Albanian government servers over a period of several months. After the hacks discovery, Albania broke off ties with Iran.
Security warnings you should listen to
As a long standing leader in cyber protection, Microsoft’s security warnings are no laughing matter. Here are some of the bigger ones, outside of SharePoint vulnerabilities:
Internet of Things (IoT) security flaws
Earlier this month, Microsoft identified a huge number of potential IoT security issues. Finding unpatched, high severity vulnerabilities in 75% of the most common industrial controllers in Customer Operational technology networks.
Warnings for Winter
Microsoft has warned European businesses to be on alert this winter following a series of attacks hit Russian organisations – including the countries second largest bank.
The government controlled St Petersburg based VTB financial institution announced it was facing an “unprecedented cyber attack from abroad” and added the DDoS flood was the largest in the banks history.
Cyberattacks are on the rise
Cyberattacks and ransomware attacks are on the rise. With a 42% rise in the first part of 2022 (Compared to the previous year). But all too often, security tools are siloed or not designed to meet the needs to todays businesses. The result is an overworked IT team, unaddressed alerts, undetected threats, and ignored updates. As the threat landscape evolves, protecting your digital business data requires an agile approach that empowers you to protect your data.