Last week Microsoft released emergency patches for security vulnerabilities affecting Microsoft Exchange email servers. At the time of publication, Microsoft said the vulnerabilities were exposed to "targeted and limited" attacks. In the days that followed, however, the attacks skyrocketed.
The American journalist and investigative reporter Brian Krebs has reported that 30.000 organizations in the United States and hundreds of thousands worldwide have been compromised by these attacks on Exchange. Other sources consider these estimates to be too low. Chris Krebs, former head of US CISA, said these attacks "will particularly hit those who can least afford them (SMBs, educational institutions, states and local businesses)".
SMEs with Exchange are particularly at risk
Avast agrees that small and medium-sized businesses (SMB) and small organizations are particularly at risk from these Exchange attacks. In addition, there is currently little information that is aimed at this target group. To help SMB customers, Avast has just published a blog with information about the situation and the steps these customers can and should immediately take to protect themselves. Above all, these organizations must fear the risk that these attacks could develop into ransomware attacks in the future.
The author of the article Christopher Budd, Avast's Senior Global Threat Communications Manager, spent ten years at the Microsoft Security Response Center (MSRC) as a leader in situations like this and draws on that experience in his blog post. The steps he outlines provide clear, simple, and actionable advice for SMBs:
- patch immediately,
- Take steps to determine if they have been compromised
- disconnect and rebuild all systems that have been compromised,
- Set up aggressive surveillance and security scans to check for any further signs of network compromise.
The full English blog post can also be found online.
More on this at AVAST.com
About Avast Avast (LSE: AVST), a FTSE 100 company, is a leading global provider of digital security and privacy products. Avast has over 400 million online users and offers products under the Avast and AVG brands that protect people from threats from the Internet and the evolving IoT threat landscape. The company's threat detection network is one of the most advanced in the world, using technologies like machine learning and artificial intelligence to detect and stop threats in real time. Avast's digital security products for mobile, PC or Mac have been top-rated and certified by VB100, AV-Comparatives, AV-Test, SE Labs and other test institutes.