What the Exchange vulnerability means to you

You may have heard about the massive Exchange vulnerability Microsoft patched last week. This vulnerability allowed a powerful backdoor trojan to be installed onto affected servers, allowing the offloading and monitoring of emails and in many cases voice mails as well, of hundreds of thousands of servers across the world. It’s been stated by security professionals that if you’re running Exchange, there’s a very high probability your server has been compromised.

Here’s what we know.
The vulnerability was discovered by researchers in January, and Microsoft was alerted at that time. Last week’s patch included the no-longer-supported Exchange Server 2010, indicating this weakness has likely existed for more than 10 years. Once again, the old cybersecurity maxim applies – there are two types of companies – those who know they’ve been breached, and those who don’t know it yet.

What can you do?
Obviously running your patches immediately is essential. Additionally, running updated antimalware and antivirus scans after running the patches is a good idea. Finally, we recommend changing the server password and the passwords for the email accounts for all the users running through Exchange. While this isn’t a compromised credential type of weakness, it’s reasonable to assume a compromised server could have had user credentials lifted at some point in the past.

This points to a larger issue. If you’re still running your own Exchange server, it’s proving to be increasingly difficult to maintain its integrity. Businesses have moved to Office 365 and hosted solutions to reduce both their on-premise costs and risks. In the short term, moving to the cloud achieves both – greater security and less cost. In the long term, a hosted solution will cost more, but the purported security advantages should outweigh the increased costs.

If you haven’t done so yet, we encourage you to move to the cloud. Acentec can migrate you to Office 365 and we can host your other data and application needs at our world-class datacenter located in Phoenix, AZ, with co-location facilities worldwide.

It’s more important than ever to prioritize the cybersecurity of your organization. Our cyber-testing services can hack your network, track your employees, and identify your weaknesses before the bad guys do. Call us for details.

 


If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.


For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.

The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.