Government-sponsored Exchange server attacks; consider managed VPSs

  1. In a recent blog post, Microsoft drew attention to the fact that government-sponsored actors most often tap information from areas such as infectious disease research, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental organizations.
  2. Increasing vigilance and security in the modern workplace

Labeled “Hafnium” by the Microsoft Threat Intelligence Center (MSTIC), the group is described as “a highly skilled and sophisticated actor” based in China that conducts its operations primarily from rented virtual private servers (VPS) in the United States.

These malicious intentions have underscored the need for increased vigilance and security as the modern workplace shifts to a hybrid model. However, with the right solutions and dedicated resources, enterprises and IT managers can continue to conduct business effortlessly and efficiently while ensuring the security of identities and data across multiple locations and devices.

For its part, Microsoft has released security updates to protect customers using Exchange Server and strongly recommends that customers install these updates immediately. Exchange Server is primarily used by business customers. Microsoft says it has evidence that Hafnium’s activities target individual consumers or that the vulnerabilities affect other Microsoft products.

  1. One way to thwart these types of attacks is to book managed VPS solutions, especially if you’re hosting digital or virtual team meetings or events in the civic sector, which typically doesn’t have as high-security standards as the corporate and government sectors.
  2. Trusted hosting solutions are based on VMware full virtualization, which gives you more isolation, autonomy, and security than other types of virtualization. For one, with a fully isolated server room, you have full control over the environment, allowing deep customization and optimized accounts for best performance.
  3. Hosted VPS plans are very versatile, allowing you to customize your resources on the go and scale your project with enough CPU and RAM to run without hassle. Moreover, your VPS will be hosted in an optimal location by choosing a data center in the UK and Europe to mitigate location-based attacks.
  4. A personal customer service advisor included with a service package is an important, industry-standard addition that helps troubleshoot and resolve issues. Also, consider the various channels available for support: Live chat, phone, email, ticketing, online forms, Skype, Discord, Slack, social media accounts – it’s worth covering them all.
  5. The advantages of managed VPS hosting packages

VPS hosting has four main components: Setup, management, maintenance, and problem resolution. Server configuration, operating system installation, firewall setup, and software selection require very specific knowledge and experience that is best left to your provider.

The details of server management, including monitoring accounts, checking system health, and security procedures, are managed by reliable providers who often go a step further and install plugins, patches, and software updates.

Web servers are complex combinations of hardware and software that require regular maintenance to avoid the risk of malicious attacks, errors, and failures. Managed VPS support often covers all server maintenance tasks so you can focus on your event, meeting, or digital project.

As for problem resolution, your hoster will step in to solve server errors, network-related issues, and hardware and software product failures.

This is the eighth time in the past 12 months that Microsoft has publicly disclosed nation-state groups targeting institutions critical to civil society. Another noted activity has targeted healthcare organizations embroiled in COVID-19 care, political campaigns, elections, and high-profile policy-making conferences.

Exchange Server attacks advanced in three steps

According to Microsoft, the malicious attacks begin with either stolen passwords or exploitation of previously undiscovered vulnerabilities that disguise the attacker as someone who should have access.

A “web shell” is then created to remotely control the compromised server, followed by remote access, from private servers in the U.S., to steal data from a company’s network.

Related Posts