Last week Microsoft announced that a cybercrime group, known as Hafnium, launched an attack campaign that exploited vulnerabilities in Microsoft Exchange email servers. These attacks were disclosed last week, but recent investigations have concluded that this campaign has been in flight for over two months.
So far, the scale of this attack is massive. As of March 8, there are a reported 60,000 known victims across the globe, including many government entities and small or medium-sized businesses. One important detail to come out of the investigations into this attack is that hackers were unsuccessful at breaching customers on Office 365. That is good news for businesses that have already transitioned to Office 365, but bad news for organizations that haven't made the switch yet.
Experts have been saying for years that the cloud is more secure, and this reinforces that assertion. Many people are still holding out, though. There can be a number of reasons businesses choose to stick with their legacy, on-premises solutions instead of transitioning to Office 365.
- Lack of information — Some organizations don’t understand the benefits of moving to the cloud or they are unsure about how to get started, so it’s easier to stick with the approach they already have in place.
- Issues about control — Some people feel they will have less control over resources and workloads in the cloud, so they hold onto on-premises servers instead, even though this approach takes more time to manage and isn’t as secure.
- Legacy regulations — In certain highly regulated industries, organizations have to follow a variety of requirements for data storage and retention, and this can make the move to the cloud more complicated.
The question is, will this latest breach tip the scales and get these cloud holdouts to finally make a change?Will the #MicrosoftExchange attack tip the scales and get cloud holdouts to make a change? #cybersecurity #publiccloudClick To Tweet
Re-thinking your security on-prem
If your business still has on-premises Exchange servers, you’re probably scrambling to figure out what you need to do to make sure your systems are secure. Microsoft recommends that customers install the security patch as soon as possible so their on-premises Exchange servers are running the latest supported version. Microsoft has also provided instructions for how to scan your Exchange servers for any indicators of compromise.
The most effective way to future-proof the security of your email environment is to migrate to Office 365. Leveraging a cloud-hosted email provider like Microsoft Office 365 means you’ll have faster deployment of system updates and security patches to protect you from zero-day attacks like the latest one by Hafnium. Because Microsoft is one of the most-targeted platforms for cyberattacks, it’s always recommended that you supplement Microsoft’s existing security with a third-party provider.
Here’s where Barracuda can help. Barracuda Total Email Protection offers comprehensive security and resiliency for your Office 365 environment that includes robust gateway security with advanced threat protection to thwart malware, and API-based inbox defense leveraging artificial intelligence to protect you from targeted social engineering attacks like business email compromise, account takeover, and domain spoofing.
Preventing email threats is only part of a holistic security strategy. It’s also critical to detect and respond to threats that infiltrate your Office 365 environment. Barracuda’s Total Email Protection also includes a completely customizable security awareness training platform to enable your users to spot and report suspicious emails, as well as an automated threat response solution to quickly and easily identify and remove email threats that might weaponize post-delivery.