Is it time to move to hosted Exchange? Considerations for IT
Have the recent widely publicized attacks on Microsoft Exchange made you realize that now is the time for someone else to run your organization’s email?
To recap: cyberespionage group Hafnium and other threat actors took advantage of previously undisclosed vulnerabilities in Exchange Server to hack into tens of thousands of Exchange Server machines facing the internet. In many cases, these were fully patched machines running the latest version of Exchange; in others, the Exchange Server boxes were running older versions lacking current updates. Microsoft issued patches for the vulnerabilities on March 2, but the vulnerabilities were widely exploited before then.
For most victims, the attackers left a back door on compromised machines, allowing them to return to wreak havoc later, even after patches are deployed. In other cases, information was exfiltrated; an investigation by security firm Volexity revealed that attackers were using the vulnerabilities to steal the full contents of users’ mailboxes.
It’s no surprise that this very prominent hacking event may be the catalyst for a lot of shops to reconsider whether running email is worth the hassle. The benefit of local control and amortized costs may now be outweighed by the cost of fighting these giant internet-wide attacks. Why not let someone else handle the security, patching, defense, and more?
- You might have just missed the best time to sell your startup
- Facebook data on 533 million users posted online
- Podcast: WWDC 2021: What to expect at Apple’s June event
- Daily Crunch: Apple Arcade expands with classic games
- Is your iPhone feeling slow? The fix might be quick and simple (and free)
- Apple switches off the ‘open web’ by making it better