03-18-21 | Blog Post
What started as a report from Krebs on Security of at least “30,000 US organizations” hacked has quickly morphed into what Bloomberg calls a “Global Crisis” with at least 60,000 hacked businesses. ZDNet reports “exploitation attempts on organizations doubling every two to three hours.” What really stands out about the ZDNet article is an estimate that “at least 125,000 servers remain unpatched worldwide.” Unpatched software is responsible for 20% to 40% of breaches, only surpassed by phishing and social engineering at 70% to 90%.”
Inaction Can Exacerbate the Problem
On March 2, 2021 The Exchange Team at Microsoft released the essential Exchange Server security updates (Click Here) urging users to patch immediately. It is noted that the flaws primarily impact internet facing users of Exchange Server 2013, 2016, and 2019. This was a quiet and long developing hack that escalated quickly into what MIT Technology chronicles as “escalating into a reckless hacking spree.” The Cyber Infrastructure and Infrastructure Security Agency (CISA) recommends: CISA is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script—as soon as possible—to help determine whether their systems are compromised. For additional information on the script, see Microsoft’s blog HAFNIUM targeting Exchange Servers with 0-day exploits. There is also a Microsoft authored script published on GitHub to address the known vulnerabilities. CIOs and IT managers, don’t wait for someone to assess later if you’re impacted, find out immediately and patch. Reducing the level of remediation required due to the Hafnium hack, or limiting even worse consequences to your business, depend upon your immediate actions.
Several Actions You Can Take Now
If you’re looking for the expertise and services to automate and enhance your strategy to backup data offsite and Disaster Recovery capabilities, or desire a comprehensive backup and recovery solution for Microsoft 365 in a simple “as a Service” package, Otava can help. Consider our secure, compliant cloud solutions managed by a team of experts trained in the latest security best practices. Call 877-740-5028 or contact us to learn more.
An analysis of the value of each workload and its overall impact on the business, in the event of disruption or loss, is a critical precursor to determining the level of disaster recovery required.
According to Veeam research, a staggering 74 percent of Microsoft 365 users have no protection strategy – despite the fact that Microsoft 365 does not come with comprehensive or long-term backup.
Otava Managed Cloud Backup powered by Veeam provides a fully integrated, fast, and secure way to backup your data to Otava’s powerful private cloud, complete with 24/7 world-class support management