An attack on over 30,000 Microsoft Exchange email servers may have started as early as January 3rd, 2021 and hackers continue to target the underlying vulnerabilities. This security incident primarily impacts businesses and other organizations using the on-premise edition of Microsoft Exchange Server, an email inbox, calendar, and file collaboration solution. Users range from the largest enterprises to small and medium-sized businesses worldwide. The Exchange servers are prime targets for cyberattacks due to the volume of email information they hold about an organization, the sensitive and proprietary data they may expose, and the gateway to additional sources of personal and business information they represent.
On March 2nd, 2021, Microsoft announced the release of several Exchange Server security updates, addressing these previously unknown, or “zero-day” vulnerabilities. While fixes have been issued, the scope of potential Exchange Server compromise depends on the speed and uptake of patches — and the number of estimated victims continues to grow. History suggests many organizations do not update their software when vulnerabilities are found. In 2020, Microsoft warned Exchange server customers to patch the critical flaw CVE-2020-0688 but found that months afterward, tens of thousands of Exchange servers remained unpatched.
Is my business at risk?
Although it has not been confirmed if any sensitive business or Personally Identifiable Information (PII) was accessed by hackers, the cyberattack gave cyberthieves total remote control over affected systems, allowing for potential data theft and further compromise.
Organizations using Microsoft Exchange services should:
- Ensure on-premise Exchange services are ONLY accessible through successful authentication through a Virtual Private Network (VPN)
- Enable multi-factor authentication for Exchange services
- Require employees to update account passwords immediately
- Recommend that employees watch their credit card statements for any indication of fraud or identity theft
- Businesses can also monitor business credit, and continuously watch for sensitive business data appearing on the dark web, with business identity theft and cyber threat protection services
READ THE FBI’S STATEMENT ON THE MICROSOFT SERVER HACK.
Steps to protect your email account
Consider the following tips to ensure your business and your employees’ email accounts are protected from further fraudulent use:
- Apply fixes immediately. Microsoft has urged IT administrators and customers to apply the security fixes immediately. For your convenience, we have included this information above, but please access Microsoft’s direct guidance using the aforementioned link. Please note, just because fixes are applied now, this does not mean that servers have not already been compromised. Interim mitigation option guides are also available if patching immediately is not possible.
- Enable two-factor authentication. 2FA helps protect online accounts from unauthorized access. With 2FA, use something you know (your email and password) and something you have (a one-time code sent to your phone) to verify your identity and log in to your account.
- Update account passwords. Change passwords for all online accounts regularly and sign up for a password manager tool to store all login credentials in one secure location.
- Protect mobile devices. Reduce risks of future identity incidents by monitoring mobile devices for malware, spyware, and other exploitable weaknesses. Look for an identity theft protection service with mobile cybersecurity built into its app.
Protect Your Employees Today
Regardless of what industry you’re in, make sure that your entire staff is protected by rolling out the industry’s best identity theft protection as a non-taxable employee benefit – you’ll add a layer of defense that provides protection from the fallout of a data breach.
Experience our suite of protection services for yourself with a Free Business Trial.