Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Microsoft Exchange Breach A Wake-up Call To Kiwi SMEs – Ditch The Server

The international breach of Microsoft Exchange by hackers in March is believed to have impacted a large but unknown number of New Zealand companies. It should serve as a timely warning to many local SMEs that it's time to toss the company server.

Microsoft Exchange is a standard email inbox, calendar, and collaboration solution used by companies that still keep their servers on company premises. By exploiting vulnerabilities in the software, hackers can seize 'command line access' – take total control of the machine – of any company server using Microsoft Exchange versions 2010, 2013, 2016 or 2019.

Author of the book 'She'll Be Right (Not!) – a cybersecurity guide for Kiwi business owners – SMB cybersecurity expert and managing director of Vertech IT Services, Daniel Watson, said the Microsoft hack allows criminals to install malicious software on the servers and computers of many local SMEs that still have exchange servers on their premises.

"This means they can execute malicious programmes, such as DearCry ransomware, or malware, silently exfiltrate confidential data, or use the computers as staging platforms to do other illegal things on the Internet such as hosting child pornography – and affected businesses won't even know they've been compromised.

"I know there are SME owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."

Watson said the industrial espionage group that targeted the Microsoft Exchange flaws – known as Hafnium (a state-sponsored threat group from China) – generally targets infectious disease centres, law firms, tertiary institutions, defence contractors, policy think tanks and NGOs.

"However, while Hafnium opened the gate, so to speak, we now have multiple hacking groups utilising these vulnerabilities over a long period. It is believed the first servers were breached as early as 6 January this year, but the patches (to plug four security holes in Exchange software) were released on 2 March. Now that the knowledge is out there any criminal group can get in on the action and it’s a race to patch and clear out any compromises.

"We recently encountered a business still running an exchange server because they were suspicious of the cloud. While the IT manager has already patched the software, we might find that the system has already been compromised because just patching doesn't remove any breaches or fix the damage – once they are in the backdoor, they are in."

Watson advised companies that are still using onsite exchange servers to patch, scan and migrate.

1. Install the Microsoft patches

Suggestions are that more than 125,000 servers worldwide – 30,000 are known to be infected in the United States – have not yet been patched. Watson urged companies with Microsoft Exchange servers to apply the updates immediately.

2. Conduct a security sweep

Companies still running a local exchange server should run a security sweep. If they find they have been compromised, they will need to thoroughly check for illicit activity throughout their company network.

"Don't just rely on your anti-malware or anti-virus because if hackers have control of your system, they will have disabled your anti-virus," he says.

3. Migrate to the cloud

"Get rid of your local exchange server. There is no need for it. The cloud is more secure, and there are clear arguments for resilience and better economies out of cloud solutions.

"If you absolutely need a local exchange server – and you should question yourself closely – then you're going to have to secure it properly with active intrusion prevention measures and close monitoring of the traffic moving through your network," Watson said.

For more information visit: https://www.linkedin.com/in/daniel-watson-smb-cybersecurity-expert-07424b12/

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Energy Resources Aotearoa: New Law On Decommissioning Could Be Costly Overkill
A new law on decommissioning oil and gas fields passed by Parliament today has good intentions but is overkill, according to Energy Resources Aotearoa. "We strongly support operators taking responsibility and paying the costs for decommissioning, which is what all good operators do," says chief executive John Carnegie... More>>


Commerce Commission: News Publishers’ Association Seeks Authorisation To Engage In Collective Bargaining

News Publishers’ Association of New Zealand Incorporated seeks authorisation and provisional authorisation to engage in collective bargaining with Facebook and Google. The Commerce Commission has received applications from News Publishers’ Association of New Zealand Incorporated (NPA) seeking authorisation and provisional authorisation on behalf of itself... More>>


Reserve Bank: MPC Continues To Reduce Monetary Stimulus
The Monetary Policy Committee agreed to raise the Official Cash Rate (OCR) to 0.75 per cent. The Committee agreed it remains appropriate to continue reducing monetary stimulus so as to maintain price stability and support maximum sustainable employment... More>>

PriceSpy: Producer Prices Increase
New Black Friday and Covid-19 Report* released by PriceSpy says people’s fear of stepping inside physical shops during big sales events like Black Friday has risen since last year; Kiwis are still planning to shop, but more than ever will do it online this year... More>>

NZ Skeptics Society: Announce Their 2021 Awards, And Dr Simon Thornley Wins The Bent Spoon

Every year the New Zealand Skeptics presents its awards to people and organisations who have impressed us or dismayed us, and this year it’s been hard to pick our winners because there have been so many choices!.. More>>



REINZ: Sales Volumes Leveling Out

Data released today by the Real Estate Institute of New Zealand (REINZ) shows there were 44 fewer lifestyle property sales (-2.6%) for the three months ended October 2021 than for the three months ended September 2021... More>>


BNZ: Auckland Retail Card Spending Bounces Back In Step Two
Bank of New Zealand (BNZ) card spending data released today shows one week of retail therapy at Alert Level 3 Step 2 has been enough to raise card spending in Auckland to levels greater than before the Delta lockdown... More>>