Have the recent widely publicized attacks on Microsoft Exchange made you realize that now is the time for someone else to run your organization’s email?
To recap: cyberespionage group Hafnium and other threat actors took advantage of previously undisclosed vulnerabilities in Exchange Server to hack into tens of thousands of Exchange Server machines facing the internet. In many cases, these were fully patched machines running the latest version of Exchange; in others, the Exchange Server boxes were running older versions lacking current updates. Microsoft issued patches for the vulnerabilities on March 2, but the vulnerabilities were widely exploited before then.
For most victims, the attackers left a back door on compromised machines, allowing them to return to wreak havoc later, even after patches are deployed. In other cases, information was exfiltrated; an investigation by security firm Volexity revealed that attackers were using the vulnerabilities to steal the full contents of users’ mailboxes.
Ouch.
It’s no surprise that this very prominent hacking event may be the catalyst for a lot of shops to reconsider whether running email is worth the hassle. The benefit of local control and amortized costs may now be outweighed by the cost of fighting these giant internet-wide attacks. Why not let someone else handle the security, patching, defense, and more?