SolarWinds Attackers May Have Hit Mimecast, Driving New ConcernsSolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.
January 14, 2021
The discovery of a data breach at email service provider Mimecast could indicate attackers behind the massive SolarWinds incident may have pursued multiple paths to infiltrate target organizations, a new report states.
Earlier this week, Mimecast confirmed an attacker had compromised a certificate provided to certain customers to authenticate Mimecast products to Microsoft 365 Exchange Web Services. The tools and techniques used in this attack link these operators to those who recently targeted SolarWinds, The Wall Street Journal reports.
The SolarWinds attack affected some 18,000 public and private organizations that downloaded infected versions of legitimate updates to its Orion network management software. However, the attack on Mimecast shows not all victims had to be SolarWinds customers to be targeted.
Mimecast was a SolarWinds customer in the past but no longer uses the Orion software, a person familiar with the matter told WSJ. The company has not determined how attackers got in or whether its earlier use of SolarWinds could have left it vulnerable.
As security experts note, Mimecast digital certificates could enable attackers to read data stored on Microsoft Exchange servers. Mimecast says the incident affected about 10% of its customers. It's asking those who use this certificate-based connection to delete the existing connection in their Microsoft 365 tenant and establish a new certificate-based connection with a new certificate it has made available.
Read the full report for more details.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report
2021 Gartner Market Guide for Managed Detection and Response Report
Supply Chain Cyber Risk Management Whitepaper