As Microsoft Partners, we have been following this news of the backdoor access hackers could exploit in Microsoft Exchange servers. Luckily, all of our clients have been in the cloud and are Microsoft 365 customers and thus are not affected by this vulnerability. However, it is estimated that 250,000 or more businesses were affected.
Though Microsoft has offered a patch to shore up the vulnerability in the exchange servers, hackers may have already been able to install malicious software and secured access to your network without the back door.
What To Do If You Have Microsoft Exchange
1. Install Microsoft’s Patch
Microsoft made available an easy one-click mitigation tool you can use to close the back door into your exchange server. You can find the link to this tool here.
2. Reference Microsoft’s Security Blog
Microsoft released updated tools and investigation guidance to help IT Pros and incident response teams identify, remediate, defend against associated attacks: Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities.
3. Cut Off Hacker’s Access To Your Critical Systems By Taking Them Offline
Until you can get a team of cybersecurity professionals to assess any damage and remove any intrusions, you should take your critical systems offline. Every minute a hacker has inside your systems, they can be exfiltrating data, accessing your client’s information, or installing malware that can wreak havoc on your system or give them permanent access to your systems.
4. Contract Cybersecurity Experts To Re-Secure Your Systems
Working with a trained cybersecurity professional is the only way to truly re-secure your systems and remove any damaging traces that the hacker was in your system. Unfortunately, cybersecurity professionals are in short supply. Not many people have the skill set, and those that do are often stretched thin and very busy.
Even If You Weren’t Directly Affected, A Service You Use Might Have Been
Though your business might not use Microsoft Exchange Servers, you might be the customer of a business that does. If any of your personal information was being stored by a vulnerable business, you need to be vigilant about any suspicious account log-in attempts and consider changing out some of your passwords to keep yourself secure.
We hate to see news of significant hacks like this but know that this is the reality of operating in a digital world. The only way to stay protected is to be proactive and attentive to your system’s activity and alerts. We would be happy to hop on a call with you to discuss how we can help defend your business; click the button below.