After our initial analysis of grouping the Microsoft Exchange Server Attack, we further analyzed a dataset containing approximately 5000 companies with a total exposure of $34,644,208,987. The distribution of the companies included a distribution across:
The analysis was done to better determine which types of companies are potentially susceptible to attacks and damage due to the newly discovered vulnerability.
The analysis first isolated each of the CRIMZON™ elements:
The results clearly show that grouping companies by one characteristic only does not provide accurate information on possible aggregations, however, when the elements are grouped into a CRIMZON, the types of companies affected by the attack become much clearer. Insights using CRIMZON can also provide supplementary insights on aspects such as security hygiene and patching cadence.