“At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.”
It’s a common misconception that only companies who store their data in the cloud are vulnerable to hacking. In reality, any company utilizing on-premise solutions is more likely to get hacked. You see, back in the day, I used to install Microsoft Exchange Server for law firms. You made a lot of money, but they were a pain in the ass to maintain, which is why we could charge so much.
After a few years of running exchange servers on-premise, we faced two big issues: if somebody got a virus and their PC started blasting out spam, everyone’s email got blacklisted and labeled as spam. We also lived in South Louisiana, where we were hit with Katrina, Rita, Gustav, and many other annoying hurricanes.
Hurricane Gustav in 2008 left me stranded in a friend’s condo for two weeks. I knew my company wouldn’t power up our Microsoft Exchange server for two weeks, so I switched over to Intermedia. This company took over hosting your in-house exchange server. When Microsoft came out with Office 365, I switched all my clients to that.
All of these companies that just got hacked were using Microsoft Exchange Server instead of Microsoft 365.
Pre-Covid, I was eating dinner with the IT director of a law firm I was moving from Worldox (an on-premise document management system) to NetDocuments (a cloud-based document management system)
“Hey, so why did you decide to switch to NetDocuments?” I asked him.
He sighed and rubbed his forehead as he responded, “Last year, we got ransomware four times, each by a named partner. I am moving to NetDocuments, so I no longer have to deal with my firm’s files getting encrypted by hackers.”
If you’re dealing with a nation-state coming after your law firm, there’s only so much you can do. Do you have the engineers, resources, and infrastructure necessary to stop them?
Probably not, but guess who does, companies like NetDocuments and Microsoft.
It’s 2021; please replace your on-premise exchange server with Microsoft 365 and your document server with NetDocuments.