Security analysts are calling it a wake-up call – the news from Microsoft on March 2 couldn’t be more alarming:
Attacks targeting unpatched Exchange systems by multiple malicious actors…
…using vulnerabilities to access on-premises Exchange servers…
…allowing the installation of malware…
Last week’s announcement of widespread vulnerabilities for on-premises Exchange servers will mark one of the largest cybersecurity events of the year, if not the decade. Estimates are that up to 60,000 systems across industries worldwide could have fallen victim to this attack which was believed to have been carried out by HAFNIUM, a Chinese state-sponsored group commonly targeting vulnerabilities in internet-facing servers. For companies still running on-premises Exchange servers, it’s hardly comforting to learn that Exchange Online wasn’t affected. But it also presents an opportunity to re-think how your company is managing email.
This situation has required urgent action – every IT manager and MSP still relying on Exchange servers should have immediately dropped everything to update their on-prem installations to prevent against these exploits. Unfortunately, the available mitigations won’t protect Exchange servers that have already been accessed. Microsoft has issued additional guidance around evaluating your servers to ensure they have not been compromised with additional malware such as web shells. After your organisation has applied these updates and verified (hopefully) no breach was sustained, now is a good time to work with your MSP or data security team to make a change.
It’s time to get real about the next attack. It’s not a matter of if but when the next vulnerability will be discovered and exploited. There’s a lot to have to think about – planning for the next breach when you’re still in the middle of your incident response strategy and reporting for this one. But there’s no reason to be fatalistic. Even though bad actors will continue to test the fences, you shouldn’t accept vulnerability as a fact of life.
If you’ve been talking about moving your organisation’s email to the cloud, now you’ve got another very big reason. Again, even though this newly-discovered Exchange vulnerability was huge, organisations already using Exchange Online were safe. That means IT managers who’ve already migrated were able to sleep right through the wake-up call. They’ve got the benefits of email in the cloud:
Plan your move to the cloud today
Yes, you could argue that taking steps now to secure your email with Exchange Online is the classic case of closing the barn door after the horse has runoff. Even if you were lucky this time and you found your particular server was unaffected, there will be more incidents in the future. Designing a plan now for a fast and secure migration to Exchange Online will allow you the peace of mind that your – or your customer’s data – is safe in the cloud.
At BitTitan, we want to help. For more than a decade we’ve been helping companies move to the cloud for all the reasons outlined here, helping them increase productivity and security with Microsoft 365. If you or your organisation has been affected by this attack, contact us today to see how we can help you transition to a safer, more productive workspace in the cloud.
Share this Post:
TWETTER FEED
