12 Mar Microsoft Exchange Cyberattacks
What you need to know about securing Microsoft Exchange.
Multiple cyberattacks on on-premise Exchange Server instances were detected by Microsoft this month, according to recent updates from Microsoft.
The attacks by “hacker” group, Hafnium, have targeted entities in the United States across a number of industry sectors. While Hafnium was cited as the main attackers, Microsoft reported multiple actors were exploiting the same vulnerabilities in Exchange.
Microsoft listed the vulnerabilities and delivered patches which can be found on this page.
“We strongly urge customers to update on-premises systems immediately,” said the Microsoft Security Response Center (MSRC). Microsoft Exchange Online users were not affected by the recent attack.
“We heard about this latest threat and got to work immediately.”
At Cyberlink, we understand minutes matter and work 24/7 for your cybersecurity. We heard about this latest threat and got to work immediately to apply all recommended patches and updates, and secure our clients from these attacks.
MSRC has provided additional resources to help users determine if they have been attacked so they can defend themselves, including new mitigation guidance: Microsoft Exchange Server Vulnerabilities Mitigations – March 2021
What Are Security Patches? Security patches are small adjustments made to software to address specific vulnerabilities as they are discovered. Like other software updates, security patches are critical to the performance of your applications and should be applied on an on-going basis.
About 28% of U.S. cyberattacks in 2020 targeted small businesses, according to research on cybersecurity trends. One of the benefits of bringing your systems into the cloud though a private hosting provider is 24/7 monitoring. Another is having updates, patches and fixes included.
“28% of U.S. cyberattacks in 2020 targeted small businesses”
Keeping your software up to date and responding quickly to threats like the recent Exchange attack is so important to your cybersecurity.
It’s all about staying ahead of attackers as they discover vulnerabilities in a piece of software, but there are other reasons why keeping software up to date is important.
Five Reasons to Keep Your Systems Updated:
- Patch security flaws
- Fix bugs
- Get new features
- Spread costs out rather than paying cumulative update fees later
- Keep up with tax and other compliance updates
This is one of the ways a private hosting provider can help by assuring your systems are up to date. With a cloud hosting provider who is 100% focused on cloud security and performance, businesses get the added reassurance their provider is ready to respond to threats at a moment’s notice. With regular backups, monitoring and maintenance from the cloud hosting provider, software and data are always available and up to date. Learn about the benefits of tailored cloud hosting.
8 Ways to Make Your Small Business Cyber Secure
Cyber security is an ongoing problem that businesses face. While threats like the one on Exchange are largely up to vendors like Microsoft to identify and respond to, there are actions SMBs can take to protect themselves.
- Create and enforce basic security practices & policies and communicate them to your team.
- Create and enforce a BYOD security policy
- Monitor and firewall your network
- Backup regularly
- Require separate user accounts with strong passwords for all users.
- Audit your security regularly to ensure it’s up to date
- Create security training opportunities for your team
- And of course, install the latest security software and keep apps up to date with the latest versions.
Again, a private hosting provider can secure many of your systems so your IT team can spend more time focused on running the business, innovation and delivering strategic dashboard insights.
Going cloud can help you secure your business and prevent attacks on your systems, but it’s important to choose a cloud provider for your needs. While going cloud through Azure is a popular option for many software cases, accounting software or other critical systems often require more control. When you carefully select a private hosting provider, you get the best of both worlds: cloud service from a provider whose core business is securing your systems, and you remain in control.