Criminal hacking groups piling on to escalating Microsoft Exchange crisis

Posted:
in General Discussion
The Microsoft Exchange Server hack is becoming an even bigger security problem, due to an influx of more hacking groups attempting to take advantage of the situation before affected companies can patch their servers.




Revealed on March 3 by Microsoft, an attack by Chinese hacking group "Hafnium" targeted vulnerabilities in Microsoft Exchange Server, prompting the release of patches. Shortly after the announcement, Hafnium stepped up its attacks to hit 30,000 U.S. organizations and others around the world within a few days, but now others have joined the fray.

Security experts told the Financial Times that more hacking groups are using the opportunity to perform their own attacks using the same vulnerability. The hackers, including criminal groups, are stepping in to take advantage of the software flaws before organizations hosting servers can patch and protect them.

For many, it is probably too late to preemptively patch the issue. "Every possible victim that hadn't patched by mid-to-end of last week has already been hit by at least one or several actors," proposed security group CrowdStrike co-founder Dmitri Alperovitch.

Outside of the United States, the European Banking Authority became the first major public body to confirm it was compromised by attacks.

The scale of the inflated attacks will be a serious problem for some time, prompting governmental intervention. The Cybersecurity and Infrastructure Security Agency (CISA) has urged "All organizations across all sectors to follow guidance to address the widespread domestic and international exploitation" of the vulnerabilities.

There is also advice to use of Microsoft's IOC detection tool to determine if a compromise of vulnerable systems has taken place. Meanwhile the White House National Security Council claimed "It is essential that any organization with a vulnerable server take immediate measures to determine if they were already targeted."
«1

Comments

  • Reply 1 of 25
    GeorgeBMacGeorgeBMac Posts: 10,462member
    They didn't just jump in.   Those outside hacking groups have been in there hacking all along (from U.S based servers).

    But, yeh, let's parrot the Microsoft excuse that they are the helpless victim of state sponsored cyberwarfare.  It fits neatly into the "I hate China" mantra and gets a U.S. company off the hook for again failing to secure their systems.

    The U.S. has been the ongoing victim of cybercrimes for over a decade.  The crimes have been committed by foreign terrorists, state sponsored terrorists and by domestic cyberterrorists.   It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately. 

    We did not tolerate a president steeling data from a political opponent.  We did not tolerate terrorists blowing our buildings.  So why do we tolerate terrorists blowing up an organization's information systems and stealing their data?

    Obviously more of the same will only get us more of the same.
    ... Oh yeh, never mind.   We definitely need more F35's and Aircraft carriers.  So we just can't afford to protect ourselves from the real enemies.  

    jony0
  • Reply 2 of 25
    tzeshantzeshan Posts: 2,351member
    They didn't just jump in.   Those outside hacking groups have been in there hacking all along (from U.S based servers).

    But, yeh, let's parrot the Microsoft excuse that they are the helpless victim of state sponsored cyberwarfare.  It fits neatly into the "I hate China" mantra and gets a U.S. company off the hook for again failing to secure their systems.

    The U.S. has been the ongoing victim of cybercrimes for over a decade.  The crimes have been committed by foreign terrorists, state sponsored terrorists and by domestic cyberterrorists.   It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately. 

    We did not tolerate a president steeling data from a political opponent.  We did not tolerate terrorists blowing our buildings.  So why do we tolerate terrorists blowing up an organization's information systems and stealing their data?

    Obviously more of the same will only get us more of the same.
    ... Oh yeh, never mind.   We definitely need more F35's and Aircraft carriers.  So we just can't afford to protect ourselves from the real enemies.  

    For decades Microsoft has treated its users as sheep. Because its OS and applications are full of bugs. Mac fans knew this for a long long time. The end result is most Americans don't really know how personal computers work. The jobs are relegated to ITs, Then there is a conflict of interest. The national security agents are mostly computer idiots. To conceal their ignorance of personal computer, they conveniently blame all hacker to foreign governments.
    GeorgeBMacGabyjony0watto_cobra
  • Reply 3 of 25
    GabyGaby Posts: 179member
    Microsoft should be held accountable both financially and otherwise for their incompetence and negligence. And I sincerely hope that companies relying on Microsoft etc to secure their systems learn from this mistake. In saying that the U.S gov is as much to blame for their complacency. 
    GeorgeBMacjony0watto_cobra
  • Reply 4 of 25
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    seanjGeorgeBMacjony0watto_cobracgWerks
  • Reply 5 of 25
    danvmdanvm Posts: 1,173member
    tzeshan said:
    They didn't just jump in.   Those outside hacking groups have been in there hacking all along (from U.S based servers).

    But, yeh, let's parrot the Microsoft excuse that they are the helpless victim of state sponsored cyberwarfare.  It fits neatly into the "I hate China" mantra and gets a U.S. company off the hook for again failing to secure their systems.

    The U.S. has been the ongoing victim of cybercrimes for over a decade.  The crimes have been committed by foreign terrorists, state sponsored terrorists and by domestic cyberterrorists.   It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately. 

    We did not tolerate a president steeling data from a political opponent.  We did not tolerate terrorists blowing our buildings.  So why do we tolerate terrorists blowing up an organization's information systems and stealing their data?

    Obviously more of the same will only get us more of the same.
    ... Oh yeh, never mind.   We definitely need more F35's and Aircraft carriers.  So we just can't afford to protect ourselves from the real enemies.  

    For decades Microsoft has treated its users as sheep. Because its OS and applications are full of bugs. Mac fans knew this for a long long time. The end result is most Americans don't really know how personal computers work. The jobs are relegated to ITs, Then there is a conflict of interest. The national security agents are mostly computer idiots. To conceal their ignorance of personal computer, they conveniently blame all hacker to foreign governments.
    From what I have seen, MS OS and applications has bugs as every other vendor, including Apple.  Considering they dominate the enterprise, most of the time they have been proved very secure, even though they are not perfect, like this case with Exchange.  But if you look back, I think it has been years since the last time they had a major issue like this in Exchange, or even other server applications and services, including Windows Server and SQL Server.  
  • Reply 6 of 25
    danvmdanvm Posts: 1,173member
    Gaby said:
    Microsoft should be held accountable both financially and otherwise for their incompetence and negligence. And I sincerely hope that companies relying on Microsoft etc to secure their systems learn from this mistake. In saying that the U.S gov is as much to blame for their complacency. 
    I suppose that we should also held accountable other companies, like Apple, when they release software with security bugs, right?  And from what I know, it has been years that Exchange or any other server application / service from has had a major issue.  So I don't think that this case, even though is bad, means they are incompetent.  At least, they should learn from it and improve their security.
  • Reply 7 of 25
    danvmdanvm Posts: 1,173member
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
  • Reply 8 of 25
    badmonkbadmonk Posts: 998member
    If Apple made Exchange software, the class action lawsuits and congressional investigations would already be underway.
    edited March 9 viclauyycseanjGeorgeBMacjony0watto_cobra
  • Reply 9 of 25
    dewmedewme Posts: 3,886member
     It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately.     

    The US already has such an organization: US-CERT / CISA which is under the authority of the Department of Homeland Security (DHS). Sadly, there is only one domain specific specialization for industrial control systems (ICS-CERT). That's great, but why are there not also additional domain specific specialization for other critical infrastructure domains, such as banking, medical systems, transportation, commerce, energy, etc? You really need those who are deeply immersed in these individual domains to be working hand-in-hand with security practitioners and experts. You cannot protect what you don't understand, so there will never be a one-size-fits-all response to threats that affect different domains/systems.

    I hate to use broad brush statements, but from what I've seen in the one area that has received a good deal of attention is that government policy is driven by reactions and responses to events that highlight a specific vulnerability. In other words, we seem to wait for a fire to break out and burn down a few city blocks before we start talking about the need to create a fire department. Once a fire department is created and you get it staffed appropriately, with domain experts and professional fire fighters working together, things can get more proactive and prevention oriented. But it really comes down to reactionary policies and actions taken after the fire has burned down the barn and all of the cows are long gone, or barbecued.

    You see this not only in government, but in industry as well. What's the first thing you hear from a company, e.g. "MegaCorp," after a serious security or privacy breach? They always say the same thing: "We at MegaCorp take security very seriously!" Are they lying? No, because at that point in time they do take security very seriously. It's soothing to corporate leaders to ignore past indiscretions and promise to be good in the future. This is exactly how a 6-year old child confronts their failures. What they will never say is something like: "We at MegaCorp took security very seriously last week when we totally screwed the pooch and let hackers infiltrate our corporate networks. Yeah, we totally failed our shareholders and our customers. But we will make amends, compensate our customers for their loss as best we can, and fix our problems." Yeah, I know, that would be crazy talk, adults acting like adults and taking responsibility without governmental or legal intervention.
    edited March 9 GeorgeBMacwatto_cobracgWerks
  • Reply 10 of 25
    GeorgeBMacGeorgeBMac Posts: 10,462member
    dewme said:
     It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately.     

    The US already has such an organization: US-CERT / CISA which is under the authority of the Department of Homeland Security (DHS). Sadly, there is only one domain specific specialization for industrial control systems (ICS-CERT). That's great, but why are there not also additional domain specific specialization for other critical infrastructure domains, such as banking, medical systems, transportation, commerce, energy, etc? You really need those who are deeply immersed in these individual domains to be working hand-in-hand with security practitioners and experts. You cannot protect what you don't understand, so there will never be a one-size-fits-all response to threats that affect different domains/systems.

    I hate to use broad brush statements, but from what I've seen in the one area that has received a good deal of attention is that government policy is driven by reactions and responses to events that highlight a specific vulnerability. In other words, we seem to wait for a fire to break out and burn down a few city blocks before we start talking about the need to create a fire department. Once a fire department is created and you get it staffed appropriately, with domain experts and professional fire fighters working together, things can get more proactive and prevention oriented. But it really comes down to reactionary policies and actions taken after the fire has burned down the barn and all of the cows are long gone, or barbecued.

    You see this not only in government, but in industry as well. What's the first thing you hear from a company, e.g. "MegaCorp," after a serious security or privacy breach? They always say the same thing: "We at MegaCorp take security very seriously!" Are they lying? No, because at that point in time they do take security very seriously. It's soothing to corporate leaders to ignore past indiscretions and promise to be good in the future. This is exactly how a 6-year old child confronts their failures. What they will never say is something like: "We at MegaCorp took security very seriously last week when we totally screwed the pooch and let hackers infiltrate our corporate networks. Yeah, we totally failed our shareholders and our customers. But we will make amends, compensate our customers for their loss as best we can, and fix our problems." Yeah, I know, that would be crazy talk, adults acting like adults and taking responsibility without governmental or legal intervention.
    Yep!
    And that is precisely why I think this current wave of hatred and resulting smear campaigns against China are dangerous to the United States.
    It distracts from the real enemies, the real dangers and the real challenges facing this nation.  But, perhaps that is its intent.

    It is the equivalent of the infamous:  "Look over there...." routine as the victim is then mugged.

    edited March 10 cgWerks
  • Reply 11 of 25
    nicholfdnicholfd Posts: 660member
    danvm said:
    tzeshan said:
    They didn't just jump in.   Those outside hacking groups have been in there hacking all along (from U.S based servers).

    But, yeh, let's parrot the Microsoft excuse that they are the helpless victim of state sponsored cyberwarfare.  It fits neatly into the "I hate China" mantra and gets a U.S. company off the hook for again failing to secure their systems.

    The U.S. has been the ongoing victim of cybercrimes for over a decade.  The crimes have been committed by foreign terrorists, state sponsored terrorists and by domestic cyberterrorists.   It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately. 

    We did not tolerate a president steeling data from a political opponent.  We did not tolerate terrorists blowing our buildings.  So why do we tolerate terrorists blowing up an organization's information systems and stealing their data?

    Obviously more of the same will only get us more of the same.
    ... Oh yeh, never mind.   We definitely need more F35's and Aircraft carriers.  So we just can't afford to protect ourselves from the real enemies.  

    For decades Microsoft has treated its users as sheep. Because its OS and applications are full of bugs. Mac fans knew this for a long long time. The end result is most Americans don't really know how personal computers work. The jobs are relegated to ITs, Then there is a conflict of interest. The national security agents are mostly computer idiots. To conceal their ignorance of personal computer, they conveniently blame all hacker to foreign governments.
    From what I have seen, MS OS and applications has bugs as every other vendor, including Apple.  Considering they dominate the enterprise, most of the time they have been proved very secure, even though they are not perfect, like this case with Exchange.  But if you look back, I think it has been years since the last time they had a major issue like this in Exchange, or even other server applications and services, including Windows Server and SQL Server.  
    And you would be wrong.  Please do your research before posting nonsense like this.
    GeorgeBMacwatto_cobraGaby
  • Reply 12 of 25
    nicholfdnicholfd Posts: 660member

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    watto_cobraGeorgeBMacGaby
  • Reply 13 of 25
    cgWerkscgWerks Posts: 2,747member
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 
    Yeah, I had to install several Exchange servers a couple decades or so back, and while I suppose a lot has changed in that time, they were utter crap back then. Same for all the pushes at the time to build on what would be the IE6 platform (and we know how that turned out). Popular IT seems to be about as solid as popular culture.
    GeorgeBMac
  • Reply 14 of 25
    danvmdanvm Posts: 1,173member
    nicholfd said:
    danvm said:
    tzeshan said:
    They didn't just jump in.   Those outside hacking groups have been in there hacking all along (from U.S based servers).

    But, yeh, let's parrot the Microsoft excuse that they are the helpless victim of state sponsored cyberwarfare.  It fits neatly into the "I hate China" mantra and gets a U.S. company off the hook for again failing to secure their systems.

    The U.S. has been the ongoing victim of cybercrimes for over a decade.  The crimes have been committed by foreign terrorists, state sponsored terrorists and by domestic cyberterrorists.   It is time, past time, that the U.S. establish a centralized organization to independently investigate such crimes and attacks (both in terms of who did it, why, and how -- as well as who left the door unlocked) as well as to develop ways to protect us from them -- including prison time for domestic cyberterrorists and repercussions for international ones (whether sponsored by a state or operating privately. 

    We did not tolerate a president steeling data from a political opponent.  We did not tolerate terrorists blowing our buildings.  So why do we tolerate terrorists blowing up an organization's information systems and stealing their data?

    Obviously more of the same will only get us more of the same.
    ... Oh yeh, never mind.   We definitely need more F35's and Aircraft carriers.  So we just can't afford to protect ourselves from the real enemies.  

    For decades Microsoft has treated its users as sheep. Because its OS and applications are full of bugs. Mac fans knew this for a long long time. The end result is most Americans don't really know how personal computers work. The jobs are relegated to ITs, Then there is a conflict of interest. The national security agents are mostly computer idiots. To conceal their ignorance of personal computer, they conveniently blame all hacker to foreign governments.
    From what I have seen, MS OS and applications has bugs as every other vendor, including Apple.  Considering they dominate the enterprise, most of the time they have been proved very secure, even though they are not perfect, like this case with Exchange.  But if you look back, I think it has been years since the last time they had a major issue like this in Exchange, or even other server applications and services, including Windows Server and SQL Server.  
    And you would be wrong.  Please do your research before posting nonsense like this.
    I did some research, I didn't found major issues like the one with Exchange in their server applications and services in recent years. But I could be wrong.  Can you post links with information about major security issues in MS server applications and services?
  • Reply 15 of 25
    danvmdanvm Posts: 1,173member
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  
  • Reply 16 of 25
    GeorgeBMacGeorgeBMac Posts: 10,462member
    danvm said:
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  

    Wrong
  • Reply 17 of 25
    danvmdanvm Posts: 1,173member
    danvm said:
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  

    Wrong
    Like I said, I haven't found article or cases where MS business / enterprise software and services have been compromised in recent years as the case with have with Exchange.  But since you say that I'm wrong, maybe you could post articles about this.
  • Reply 18 of 25
    gatorguygatorguy Posts: 23,247member
    danvm said:
    danvm said:
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  

    Wrong
    Like I said, I haven't found article or cases where MS business / enterprise software and services have been compromised in recent years as the case with have with Exchange.  But since you say that I'm wrong, maybe you could post articles about this.
    Are you done holding your breath? I don't recall him EVER posting a link for any questionable claims he makes.
    muthuk_vanalingam
  • Reply 19 of 25
    GeorgeBMacGeorgeBMac Posts: 10,462member
    gatorguy said:
    danvm said:
    danvm said:
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  

    Wrong
    Like I said, I haven't found article or cases where MS business / enterprise software and services have been compromised in recent years as the case with have with Exchange.  But since you say that I'm wrong, maybe you could post articles about this.
    Are you done holding your breath? I don't recall him EVER posting a link for any questionable claims he makes.

    LOL...   That Microsoft creates private and secure systems?
    If you believe that you need go find a bridge to buy.

    Oh wait!  You're the one who claims Google never collected anyone's data.  Never mind.
  • Reply 20 of 25
    gatorguygatorguy Posts: 23,247member
    gatorguy said:
    danvm said:
    danvm said:
    nicholfd said:

    danvm said:
    I doubt this will change anything. So many organisations have bought fully into the MS dream world and they are not going to admit any mistake. Everyone will be very busy putting out this umpteenth fire, but after that it will be business as usual. 

    The saying used to be: "Nobody ever got fired for buying IBM", and the same goes for Microsoft too. It's the perfect lock-in. And MS IT-departments want to be locked in in order to show the need for their size and budgets. Managements love it because it makes them seem more important. 

    So I think same old will remain same old.

    I wish Apple had continued building their own back end infrastructure, but they left it to MS. Not good for Apple.
    Most business / enterprises are fully into MS because they offer the best enterprise / business ecosystem in the market.  The same benefits you see with Apple ecosystem with consumers, is with MS with their business / enterprise software.  Even though they are not perfect, as the security issue with Exchange show, most of the time they have been proved very secure, specially with their server / business software.  
    And again, you would be wrong.  Most businesses and enterprises are in to MS because it's what they know, and it's the "easy" path.  Microsoft has NEVER proven they are "very secure", especially with there server/business software.
    Maybe is the easy path because MS has the best business / enterprise ecosystem.  And their integration of on-premise with Azure is excellent.  As today, no one is close to them.  And their server / cloud applications and services have been prove very secure.  Again, maybe I'm wrong, but I didn't find other major issues as the one with Exchange for their enterprise / business software and services in past years.  You could post some links clarifying that.  

    Wrong
    Like I said, I haven't found article or cases where MS business / enterprise software and services have been compromised in recent years as the case with have with Exchange.  But since you say that I'm wrong, maybe you could post articles about this.
    Are you done holding your breath? I don't recall him EVER posting a link for any questionable claims he makes.

    LOL...   That Microsoft creates private and secure systems?
    If you believe that you need go find a bridge to buy.

    Oh wait!  You're the one who claims Google never collected anyone's data.  Never mind.
    See? No links. ;)
    edited March 14 muthuk_vanalingam
Sign In or Register to comment.