Is Microsoft On-Premise Exchange Safe in 2021?

Eric Clark
| Client Success Associate

A NATION-STATE ATTACK AGAINST ON-PREMISE MS EXCHANGE COMPROMISED AT LEAST 30,000 BUSINESSES

On Wednesday, March 3rd, 2021SWICKtech had all hands-on deck to update a critical patch. Attacks from Hafnium, a state-sponsored Chinese hacking group was originally detected in January of 2021. However, it was not publicly announced until just recently. Mostly small and medium-sized businesses in industries, including DOD contractors, were targeted.

SWICKtech’s Client Engagement Team works with many business leaders, and a significant amount believe they are too small to be targeted by a cyber-attack. Cybercriminals may not be targeting specific SMB’s, however, they are actively scouting for vulnerabilities like the Microsoft Exchange on-premise exploit.

When SWICKtech learned of this exploit, our Engineering and Client Engagement Team made it top priority to put together a swift plan of action to handle client outreach to inform clients of this imminent threat.

From there, the Engineering team deployed critical patches where necessary and confirmed the exploit did not compromise the potentially impacted systems and servers.

 

“Thanks to your team this morning for jumping on the critical patch to our Microsoft server. It sounds like a particularly dangerous issue!”

 

Fortunately, there was no collateral damage. If SWICKtech’s response would have been delayed, the damage could have significantly impacted business operations.

It is important to note, SWICKtech has helped several dozen businesses migrate their on-premise Microsoft Exchange to Microsoft Exchange Online (O365/M365) over the last few years. Microsoft Exchange Online is not impacted by this issue.

Now that these vulnerabilities have been made public, there has been a notable increase of searches for unpatched Exchange servers exposed to the internet.

If your business is running Exchange on-premise for email and you have concerns about this known vulnerability, SWICKtech can help secure your IT.

Stop potential hackers in their tracks.

Related Blogs

Payroll Diversion Fraud Is Targeting Employees

Payroll Diversion Fraud Is Targeting Employees

Costly direct deposit theft scams are on the rise How does it work? Cyber criminals are after employee paychecks that ... Read More >
SWICKtech’s New Cybersecurity Agreement Makes Implementing New Cyber Insurance Requirements Easy

SWICKtech’s New Cybersecurity Agreement Makes Implementing New Cyber Insurance Requirements Easy

You may not know your business is at risk until it's too late The landscape of Information Technology (I.T.) has ... Read More >
What Is the Log4J Vulnerability?

What Is the Log4J Vulnerability?

Log4J is a free and open-source logging library widely used by companies large and small. Officially designated CVE-2021-44228, the 0-day ... Read More >