SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

Fortify IT: How to fix Exchange server issues that just won’t die

Wed, 23rd Feb 2022

The world learned about the Hafnium attacks on Microsoft Exchange servers last year, and it was bad. Since then, more vulnerabilities have been discovered, as well as additional ways that cybercriminals exploit them.

IT teams who still manage on-premises Exchange servers must feel like they live in a zombie movie.

The problems keep coming: zombies as far as the eye can see. Just when an organisation's IT team thinks it has the house fortified, attacks start emerging from the basement. In the Exchange incidents, companies discovered that their servers had been exploited only after the attackers were inside.

Later, new information showed that cybercriminals use Exchange server vulnerabilities for their botnets so they can secretly steal processing power and mine cryptocurrency. Just when we thought we figured out how to deal with regular zombies, along comes one that attempts to hijack our brain! If only we'd applied those patches sooner!

At this point in any zombie movie, you're screaming at the characters to 'Get out of the house!' Thankfully, cloud technologies are available and ready to whisk you to safety.

Leveraging the cloud

Companies using Microsoft Exchange Online have continued to go about their business, unbothered by the incoming flood of scary news of cyberattacks. Their cloud servers are protected and patched on a regular schedule and monitored by teams of cybersecurity experts.

When a new Exchange vulnerability is discovered, it often comes with reassuring news for those in the cloud: the threat doesn't apply to Exchange Online.

Organisations still managing an on-premises Exchange server must keep up with Microsoft's CUs and SUs – cumulative updates and security updates. CUs are generally released quarterly with resolutions to feature problems. SUs are released when security issues are found and fixed.

Unfortunately, Microsoft has found that many companies have not kept up with the necessary updates, so they are not on supported CU versions. This means they are unable to install security patches as soon as they are available, leaving their servers vulnerable to malicious threats.

Vigilance is vital

Last year's attacks make it clear that companies wanting to keep their Exchange servers on-premises need to maintain constant vigilance, not only through continuous updates and security patching but also by monitoring for nefarious intruders.

TechTarget writer Paul Kirvan has published helpful instructions for battening down the hatches, including a 12-point plan with eight sub-points:

  • Keep servers up to date
  • Launch specialised utilities
  • Deploy firewalls
  • Use Exchange server security programs
  • Secure the perimeter
  • Monitor servers
  • Use allow lists and blocklists
  • Use certificates
  • Limit administrative access
  • Use role-based access control and strong passwords
  • Harden the OS
  • Audit mailbox activity logs

In the zombie movie, this is when our heroes start throwing every piece of furniture at the intruders and grabbing the fire extinguisher.

Security experts sometimes wonder why internal IT teams aren't keeping up on every single recommended data-protection tactic. The answer often comes down to resources and priorities. Security is vital, but so are development and modernisation projects – and time is finite.

Don't wait to act

Moving to the cloud enables internal IT teams to focus on improving employee and customer experiences because they rely on cloud-provider support to manage security. In addition, the strengthened cloud security eliminates a critical worry of IT teams.

Cloud providers like Microsoft Azure invest heavily in state-of-the-art physical and cybersecurity resources. They also implement ongoing updates and perform continuous monitoring.

Unfortunately, the zombies aren't going away: They will continue to test the fences of your on-premises servers. It's time to get out of the house. With proven migration solutions, an organisation can migrate securely to the cloud and let Microsoft Azure's security resources improve vigilance over their environment.
