top of page
  • texasitpros

2021's Microsoft Exchange Server Breach Shows Why Managed Server Support is Vital

managed services expert continuously monitoring and maintaining your server, then it can easily leave you vulnerable to a data breach or malware infection. One of the largest compromises of on-premises assets happened between January and March of 2021 and is still causing problems for thousands of businesses around the world. Microsoft Exchange Server, which is the largest on-premises email solution, was the target of a major hack that began being detected in early January 2021. It took until March 2021 for Microsoft to develop and issue patches for the four vulnerabilities that were exploited during the hack. Up to now, it’s estimated that 250,000 organizations around the world, 30,000 of those in the U.S., have been impacted. Many of them are SMBs. Microsoft Exchange Server has approximately 78% of the on-premises email market share. Attacks were first perpetrated by a known state-sponsored Chinese hacking group called Hafnium. Once news of the vulnerabilities got out, soon many other cybercriminals were joining in and attacking as many Exchange Servers as possible before patches could be issued. When the four found vulnerabilities are used together, they allow a hacker to elevate themselves to administrative privileges on a server, write a file to any path, and run code. So, they can basically take over the Exchange Server. Victims that have their Exchange Server hacked can suffer:

  1. Stolen email data

  2. Use of their company domain for spam and phishing

  3. Ransomware infection and ransom demand

  4. Compromised usernames and passwords

  5. Use of the server for nefarious activities

  6. The planting of a “back door” that allows a hacker to remain in the system even after Microsoft’s patches have been applied.

Which Microsoft Email Solutions Were Impacted? If you use Microsoft 365 and Exchange Online, then you were not impacted by this breach. It only affected the on-premises email software in Microsoft Exchange Server. The impacted versions are:

  1. Exchange Server 2010

  2. Exchange Server 2013

  3. Exchange Server 2016

  4. Exchange Server 2019

Why Simply Applying the Patches May Not Be Enough If you were prompt about applying the security patches that Microsoft issued in March to seal these four vulnerabilities, you may still not be safe. Microsoft states: “These mitigations are not a remediation if your Exchange servers have already been compromised, nor are they full protection against attack.” To reduce your security risk for a data breach, or ransomware, or spyware infection, it’s important that you have your server properly administered. Most SMBs can’t afford to have one dedicated expert on staff doing nothing but handling their I.T., so the best bet for ensuring your on-premises system is secure and running efficiently is through managed I.T. services.

The Benefits of Managed Services for Your On-site Server

Continuous Threat Monitoring Being proactive when it comes to the security of a server environment can prevent costly breaches by catching unusual behavior before it results in a major security incident. 43% of all cyberattacks target small businesses, but only 14% on average have the right security in place to defend themselves. The average cost of a data breach is $200,000, which is enough to significantly hurt a small business or even cause them to close for good. Continuous threat monitoring through an affordable managed services plan is important insurance against a devastating breach.

Prompt Patch/Update Management & Security Even though Microsoft issued patches in March for the vulnerabilities responsible for this major global hack of its server, there are undoubtedly companies that haven’t installed them yet. Unpatched software vulnerabilities are a major cause of data breaches of all types, and this often happens because companies don’t have a dedicated person or company handling I.T. management and security. One of the core functions of managed services is to ensure all software and operating system patches and updates are applied promptly to keep systems protected. Managed services providers also utilize other security measures, such as firewalls, managed anti-malware, and custom security policies to keep systems secure, even if a vulnerability like this is discovered.

Ongoing Health & Performance Management Just like computers, servers can get slow as time goes on and have problems if not properly maintained. An I.T. professional will monitor server health and performance and make updates as needed to keep your server running efficiently. This mitigates the chance of unexpected downtime or a server crash that could result in data loss.

Don’t Leave Your Server Unprotected or Unmanaged Texas I.T. Pros can help your Denton or Wise County business with affordable server management to ensure security, performance, and productivity. Contact us today to learn more! Call 940-239-6500 or reach out online.

bottom of page