Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


Microsoft Exchange Breach A Wake-up Call To Kiwi SMEs – Ditch The Server

The international breach of Microsoft Exchange by hackers in March is believed to have impacted a large but unknown number of New Zealand companies. It should serve as a timely warning to many local SMEs that it's time to toss the company server.

Microsoft Exchange is a standard email inbox, calendar, and collaboration solution used by companies that still keep their servers on company premises. By exploiting vulnerabilities in the software, hackers can seize 'command line access' – take total control of the machine – of any company server using Microsoft Exchange versions 2010, 2013, 2016 or 2019.

SMB cybersecurity expert and managing director of CorporateCARE IT Services, Bruce Watson, said the Microsoft hack allows criminals to install malicious software on the servers and computers of many local SMEs that still have exchange servers on their premises.

"This means they can execute malicious programmes, such as DearCry ransomware, or malware, silently exfiltrate confidential data, or use the computers as staging platforms to do other illegal things on the Internet such as hosting child pornography – and affected businesses won't even know they've been compromised.

"I know there are SME owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."

Watson said the industrial espionage group that targeted the Microsoft Exchange flaws – known as Hafnium (a state-sponsored threat group from China) – generally targets infectious disease centres, law firms, tertiary institutions, defence contractors, policy think tanks and NGOs.

"However, while Hafnium opened the gate, so to speak, we now have multiple hacking groups utilising these vulnerabilities over a long period. It is believed the first servers were breached as early as 6 January this year, but the patches (to plug four security holes in Exchange software) were released on 2 March. Now that the knowledge is out there any criminal group can get in on the action and it’s a race to patch and clear out any compromises.

"We recently encountered a business still running an exchange server because they were suspicious of the cloud. While the IT manager has already patched the software, we might find that the system has already been compromised because just patching doesn't remove any breaches or fix the damage – once they are in the backdoor, they are in."

Watson advised companies that are still using onsite exchange servers to patch, scan and migrate.

1. Install the Microsoft patches

Suggestions are that more than 125,000 servers worldwide – 30,000 are known to be infected in the United States – have not yet been patched. Watson urged companies with Microsoft Exchange servers to apply the updates immediately.

2. Conduct a security sweep

Companies still running a local exchange server should run a security sweep. If they find they have been compromised, they will need to thoroughly check for illicit activity throughout their company network.

"Don't just rely on your anti-malware or anti-virus because if hackers have control of your system, they will have disabled your anti-virus," he says.

3. Migrate to the cloud

"Get rid of your local exchange server. There is no need for it. The cloud is more secure, and there are clear arguments for resilience and better economies out of cloud solutions.

"If you absolutely need a local exchange server – and you should question yourself closely – then you're going to have to secure it properly with active intrusion prevention measures and close monitoring of the traffic moving through your network," Watson said.

© Scoop Media

Business Headlines | Sci-Tech Headlines


Tourism Futures Taskforce: Report Offers New Future Of Tourism

The Tourism Futures Taskforce Report, We Are Aotearoa , lays out how the tourism system could change to for a better and sustainable tourism future, Taskforce co-Chairs Steve Chadwick and Grant Webster said today. “We formed the Taskforce at the request ... More>>

Trade: Govt Keeps International Flights Flying And Airfreight Flowing

The Government has extended support to the aviation sector through to the end of October 2021 to help keep New Zealand connected with trade partners and maintain international passenger services, Transport Minister Michael Wood announced today... More>>

UN News: No Winners But Fewer Losers In Global Economy From COVID Than Expected

The COVID-19 pandemic seriously impacted all economies around the world last year, with trillions of dollars of lost earnings, UN trade and development experts UNCTAD said on Thursday, before highlighting how several countries also showed unexpected resilience, too... More>>

Stats NZ: December 2020 Quarter GDP Drops 1%

Gross domestic product (GDP) fell by 1.0 percent in the December 2020 quarter, following a revised 13.9 percent increase in the September 2020 quarter, Stats NZ said today... More>>

MBIE: Landlords And Tenants Reminded Tenancy Law Changes Now Apply

Tenancy Services is advising landlords and tenants to take the time to familiarise themselves with the recent Residential Tenancies Amendment Act 2020 (RTAA) changes that became law last month. The second phase of the RTAA came into force on 11 February ... More>>


One Year On From Lockdown: New Research From ASB Highlights The Financial Impact Of Covid-19 On Kiwis

An ASB financial wellbeing study which began prior to the nation’s first COVID-19 lockdown has confirmed that Kiwis have weathered the storm, ending up on average financially better off than they were this time last year... More>>

2degrees:Shareholders To Explore Possible IPO

2degrees confirms that its shareholders are exploring the potential listing of 2degrees on the main board of the New Zealand Stock Exchange (NZX) and Australian Securities Exchange (ASX) in the second half of 2021 or early 2022... More>>

NZ Apples & Pears: NZ Apple Volumes Fall: Millions Will Be Lost In Export Earnings

New Zealand Apples and Pears Inc (NZAPI), the industry association representing all apple, pear and nashi growers in New Zealand, has released an updated crop estimate for 2021... More>>