Microsoft Exchange Server Attack Case Study Part 2
After our initial analysis of grouping the Microsoft Exchange Server Attack, we further analyzed a dataset containing approximately 5000 companies with a total exposure of $34,644,208,987. The distribution of the companies included a distribution across:
- 8 countries
- 43 industries
- Various sizes (based on employee count)
The analysis was done to better determine which types of companies are potentially susceptible to attacks and damage due to the newly discovered vulnerability.
The analysis first isolated each of the CRIMZON™ elements:
- Country
- Sector and Industry
- Company Size (by Employee Count)
Country
Sector and Industry
Company Size (by Employee Count)
The results clearly show that grouping companies by one characteristic only does not provide accurate information on possible aggregations. However, when the elements are grouped into a CRIMZON, the types of companies affected by the attack become much clearer. Insights using CRIMZON can also provide supplementary insights on aspects such as security hygiene and patching cadence.
Ultimately, no single defining factor could have determined how vulnerable an organization was to the Microsoft Exchange Server attack. Instead, an organization's risk environment is a culmination of several factors that, only when assessed in the aggregate, can provide insight into relative forecasted frequencies and respective severities.
Although the server attack caused widespread, irreversible damage, it has nevertheless provided us with crucial insights that will allow cyber risk modelers to calculate more accurate and precise risk landscapes for organizations across the global marketplace.
