CARY – Microsoft’s disclosure earlier this week of a major hack attack following rapidly on the heels of the SolarWinds cyber debacle should have company CEOs reacting and preparing for another one.

So says Eric Hobbs, CEO and founder of Cary-based Technology Associates, a full-service technology solutions provider.

Eric Hobbs (Technology Associates photo)

In an exclusive Q&A, Hobbs discusses how executives should be responding to cyber threats:

How serious is this threat that Microsoft disclosed- as big as SolarWinds?

All threats should be classified as serious when it comes to protecting your company and client data. This latest vulnerability is not necessarily on the same scale as Solarwinds, simply because most businesses have transitioned away from on-premises Exchange services and now use Microsoft’s cloud-based services. The hackers were targeting specific businesses in this instance.

Microsoft warns ‘highly skilled’ China-based hackers targeting US firms, universities

What should companies, organizations do immediately to prevent a hack?

Companies should immediately update their on-premises Exchange server, as Microsoft has already released a patch for this specific vulnerability. Patching maintenance is absolutely critical for all servers and workstations a regular basis.

How can these organizations check to see if a hack has already occurred?

If your company has an on-premises Exchange server and you are in one of the targeted business sectors, you should assume you’ve been breached.

Get your team to start combing through the Exchange server logs and firewall logs.

Notice any unusual connections from foreign IP addresses?

Notice any large extractions of data?

Prove that you have not been breached, and do not assume everything is ok.

What should companies be doing on a routine basis to improve security against such big state-sponsored or state-linked hacking efforts?

As a business owner, you need to know exactly where your vulnerabilities are. It is too risky to assume that everything is protected.

Know your business, keep it right and tight.

Perform regular audits on patching, logging, user accounts, password changes.

At the core of the massive Solarwinds attack, was one simple password “Solarwinds123.”

Following regular best practices and procedures could have prevented the entire hack by just changing that password.

About Eric Hobbs

Eric Hobbs started in 1991 as Network Administrator for a professional liability insurance carrier and was later promoted to IT Manager.  In 1997, Eric started Technology Associates with the mission to provide ‘Big Company IT’ to businesses who didn’t have an IT staff.  Over the years, Eric has worked with businesses large and small to help leverage technology for a competitive advantage.