Our client, a regional healthcare provider, downloaded and installed a security update for their on-premises Microsoft Exchange 2016 server. After the installation was completed, issues began to surfacethat resulted in all email delivery being suspended. They suspected the newly discovered HAFNIUM vulnerability may have compromised their mail server. This event impacted the entire clinical and business operations of the medical group.
Throughout the course of the assessment, MFC and the medical group noted the mail server performance was severely degraded. The most resilient path forward was to rebuild the Microsoft Exchange server including the latest cumulative update and security patches to ensure all activity related to the malicious activities would be removed. This rebuild also addressed performance issues. After MFC validated the Microsoft Exchange server was back online and operational, and confirmed that the external interface was secure, it was opened up to external access. As an additional safety measure, they blocked all inbound and outbound internet traffic to/from IP addresses associated with the HAFNIUM attack.
Pivot Point Consulting and its Vaco sister company, MorganFranklin Cyber (MFC), were called in to provide a rapid response to the critical situation.
The scope of our services included:
In addition to resolving the HAFNIUM vulnerability issue and fully restoring the medical group’s Microsoft Exchange server in less than 48 hours, Pivot Point Consulting and MFC recommended the following measures to prevent future breaches:
Together, let’s take a professional adventure bigger than we ever imagined. Join our newsletter list for inspiration, motivation, and exploration.
If you are looking for business solutions please complete the form below to be contacted by one of our team members.
If you are a job seeker and would like to submit your resume please fill out a form on our Job Seeker page.