Ransomware Attack on Hosted Exchange Impacts Thousands of Customers

ransomware attack

Cloud Solutions provider Rackspace has confirmed they were hit by a Ransomware attack last week, leaving thousands of customers without access to their email.

Reports indicate that service started experiencing problems on Friday Dec. 2nd when they became aware of suspicious activity on their hosted Exchange servers which operates email service for their clients. The service provider took proactive measures to isolate the Hosted Exchange environment to contain the incident.

While investigation is still underway, security researchers believe the incident may involve exploitation of the Microsoft Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082, better known as ProxyNotShell. ProxyNotShell first came to light in late September after Vietnamese cybersecurity company GTSC observed it being exploited in the wild. Microsoft confirmed the exploitation is linked to a state-sponsored hacker group.

Rackspace has not yet revealed how much sensitive data was affected or stolen, but it appears that the incident will cost the company upwards of $30 Million in lost revenue for it’s hosted email business. In response to the attack, Rackspace is currently moving its clients from Hosted Exchange over to Exchange Online and Microsoft 365 to limit disruption.

What can we take away from this incident?

  • Ransomware is still the number 1 attack method for cybercriminals with a hyper-focus on targeting on-premise and hosted applications
  • On-premise and hosted environments are much easier to gain access to because patching and security updates require manual work, whereas with Microsoft 365 and Exchange Online those same updates can get pushed out automatically, making the cloud-based version much more easy to manage and more secure than the hosted or on-premise version.
  • The security stack that is included with your Microsoft 365 subscription offers a level of protection required today that most businesses simply can't get on their own, PLUS it comes FREE with your Microsoft 365 license that you’re already paying for!

If you're still running your email from a server in your office or from a private cloud datacenter, there is a better way! Contact ANP today to discuss a FREE Microsoft 365 Assessment  and find out how we can help you make the move to Microsoft 365 and how to get the most from your Microsoft 365 subscription.


Talk to a Cloud Expert

Are you sure you’re getting the most out of your Microsoft suite? Reach out to us today to get a free Microsoft 365 assessment and find a team that can help you achieve your cloud goals.