Widely reported in the mainstream news, due to the severity of this attack, Microsoft reported on the 2nd March 2021 that vulnerabilities in Exchange Server mail and calendar software were being widely exploited by hackers. Thousands of businesses have been affected… Should you be worried?
- Yes, if you are using a privately hosted Exchange
- No, if you are using Office 365 Exchange Online
With the prevalence of Microsoft Exchange Server within businesses, globally, this is pretty big news. As you can understand, it has a lot of them, including our customers, quite concerned.
Firstly, and very importantly for ISAAC customers, the hackers were targeting Microsoft Exchange Server, and not the cloud–based Office 365 platform. Microsoft have now released patches to cover the exploited holes in MS Exchange Servers 2010, 2013, 2016 and 2019. Due to the severity of the attack, Microsoft released the patches on the first Tuesday of the month, ahead of the traditional Patch-Tuesday, which is typically the 2nd Tuesday of the month, but these will need to be applied by your IT team. The inclusion of patches for Exchange Server 2010, which is not officially supported anymore, shows that these holes have been around for quite some time.
Will the patches kick out the hackers if we have been compromised?
- The answer from Microsoft is No.
We us Office 365 (and Exchange Online), so no need to worry?
- We always recommend Microsoft Exchange Online, over Exchange Server, due to it’s reliability and security; provided you have appropriate security protocols in place, such as Multi Factor Authentication.
- Even with appropriate multi-layered security in place, we would also always advise caution in what you open and click in your mailbox. The threat of malicious links in phishing emails is prevalent – read our blog post on how to deal with them.
Ultimately, cyber security is a big deal and being sure you are taking all the precautions you can is important.
Give us a shout if you would like a security review of your Office 365 environment.
Hybrid to be Default for 80% of Workforce by 2024 A recent report published by insights specialists Incisiv has found that by 2024 hybrid work will be the default working model for more than 80 per cent of the workforce. Despite the report found that onsite...
Why is a product mindset essential for digital transformation? The widespread use of computers and the internet has sparked the present digital revolution, which links people and objects, forecasts the future, manages enterprises, and makes it possible to manage...
As companies and their employees try to return to “normal” over two years after the onset of the coronavirus pandemic, it has become clear that they are chasing a mirage. Our work mode has evolved on many fronts, and we will never go back to how things were before....