How to fortify Exchange server issues that just won’t die

The world learned about the Hafnium attacks on Microsoft Exchange servers last year, and it was bad. Since then, more vulnerabilities have been discovered, as well as additional ways that cybercriminals exploit them.

Brad Rosairo, BitTitan’s Director of Business Development, Asia Pacific, suggests that IT teams who still manage on-premises Exchange servers must feel like they live in a zombie movie.

He says: “The problems just keep coming: zombies as far as the eye can see. Just when an organisation’s IT team thinks it has the house fortified, attacks start emerging from the basement.”

In the Exchange attacks, companies discovered that their servers had been exploited only after the attackers were already inside. Later, new information showed that cybercriminals use Exchange server vulnerabilities for their botnets so they can secretly steal processing power and mine cryptocurrency.

Just when we thought we had figured out how to deal with regular zombies, along comes one that attempts to hijack our brain! If only we’d applied those patches sooner!

At this point in any zombie movie, you’re screaming at the characters to ‘Get out of the house!’ Thankfully, cloud technologies are available and ready to whisk you to safety.

Leveraging the cloud

Companies using Microsoft Exchange Online have continued to go about their business, unbothered by the incoming flood of scary news of cyberattacks. Their cloud servers are protected and patched on a regular schedule and monitored by teams of cybersecurity experts.

When a new Exchange vulnerability is discovered, it often comes with reassuring news for those in the cloud: the threat doesn’t apply to Exchange Online.

For organisations still managing an on-premises Exchange server, it’s vital that they keep up with Microsoft’s CUs and SUs – cumulative updates and security updates. CUs are generally released quarterly with resolutions to feature problems. SUs are released when security issues are found and fixed.

Unfortunately, Microsoft has found that many companies have not kept up with their necessary updates, so they are not on supported CU versions. This means they are unable to install security patches as soon as they are available – leaving their servers vulnerable to malicious threats.

Vigilance is vital

Last year’s attacks make it clear that companies wanting to keep their Exchange servers on-premises need to maintain constant vigilance, not only through continuous updates and security patching, but also by monitoring for nefarious intruders.

Paul Kirvan, writing for TechTarget, has published helpful instructions for battening down the hatches, including a 12-point plan with eight sub-points:

1. Keep servers up to date
2. Launch specialised utilities
3. Deploy firewalls
4. Use Exchange server security programs
5. Secure the perimeter
6. Monitor servers
7. Use allow lists and blocklists
8. Use certificates
9. Limit administrative access
10. Use role-based access control and strong passwords
11. Harden the OS
12. Audit mailbox activity logs

In the zombie movie, this is when our heroes start throwing every piece of furniture at the intruders and grabbing the fire extinguisher.

Security experts sometimes wonder why internal IT teams aren’t keeping up on every single recommended data-protection tactic. The answer often comes down to resources and priorities. Security is vital, but so are development and modernisation projects – and time is finite.

Don’t wait to act

At BitTitan, we’ve seen how moving to the cloud enables internal IT teams to focus more on improving employee and customer experiences, because they rely on cloud-provider support to manage security. The strengthened cloud security eliminates a critical worry of IT teams.

Cloud providers like Microsoft Azure invest heavily in state-of-the-art physical and cybersecurity resources. They also implement ongoing updates and perform continuous monitoring.

Unfortunately, the zombies aren’t going away: They will continue to test the fences of your on-premises servers. It’s time to get out of the house. With proven migration solutions, an organisation can migrate securely to the cloud and let Microsoft Azure’s security resources improve vigilance over their environment.