The Microsoft Exchange Server Breach: Why it Matters for Your Small Business
Edward Maurer
Director of Security
The Microsoft Exchange Server breach; you may have seen the headlines, or maybe it was lost in the sea of the seemingly endless reports of cybersecurity-related incidents. You’re running a small business, you’ve got other things to worry about, so you moved on.
Unfortunately, if you’re one of the many small businesses that hasn’t moved its email servers to the cloud (ie. Office 365 or Gmail), you might be in for a difficult time.
In the simplest of terms, the former is email and calendaring software that runs on a dedicated in-house server (or what some refer to as on-prem) that you control and maintain. The latter runs on a cloud-based server that is controlled and maintained by the service provider.
While that seems like the logical conclusion, for a small or midsized business with limited IT resources, cloud-based email is more economical, and ultimately a safer option. Even though the monthly costs for cloud-based email can seem hefty, when weighed against both the human capital cost and potential losses if a breach were to occur, you’ll likely find that cloud-based email comes out ahead.
Recently, Microsoft released a patch for their exchange servers to plug four security holes for anyone running Microsoft Exchange Server 2013 through 2019. As I mentioned above, ensuring the safety of a dedicated-server involves constant monitoring and updating by IT professionals, including applying these types of patches. This is a resource most small and midsize businesses can’t afford. And even if this particular security patch was applied, there is a high likelihood that the hole was already compromised by a foreign adversary giving the attackers total, remote control over the affected systems. This also opens the door to other bad actors who can use it to take over any unpatched mail servers.
Once they gain access, they can read every email in your organization. While this may not sound terrible, think about the amount of proprietary information companies share via email on a daily basis. If this information falls into the wrong hands, the costs, both financially and to your reputation as a trusted partner to your clients, can be devastating.
And access to your email is just the beginning. Once they are in, they can also encrypt your data with ransomware, blocking your access and holding it ransom in exchange for payment, and can go even deeper by gaining administrative access to other servers and systems connected to your network.
We recommend that you follow these guidelines from The Cybersecurity and Infrastructure Security Agency (CISA) which include:
If you need additional guidance or support the AaDya security team is here to help. Feel free to email us at inquiries@aadyasecurity.com, or call us at 800.918.9113.
AaDya Security provides smart, simple, affordable and effective cybersecurity software solutions for small and midsize businesses. You can learn more about Marzo4, our all-in-one platform here.
