Securing Exchange servers is hard. I mean it can be a giant pain sometimes. There are what, hundreds of millions or maybe billions of lines of code running on your Exchange servers, right? It doesn’t take much for a typo to get through and open a vulnerability that can then be exploited opening the most important and valuable data within your organization to all kinds of bad actors.
When I was starting my career as an IT pro, generally a virus would just crash your PC. Maybe you would get your hard drive deleted, which was terribly inconvenient but not much of a financial threat to organizations. In 2020, if a hacker can gain access to your IT resources, that person is most often doing so with some sort of monetary goal in mind. That goal might be a ransomware attack, it might be to harvest passwords to sell (notice how I did not say “on the dark web”? I assume that is where most passwords are sold but since this is not a commercial for some sketchy identity protection product, I don’t feel the need to include that bit of extra scare tactic).
There are real world vulnerabilities out that that could be affecting your on-premises Exchange servers right now (okay, maybe a little scare is warranted). In this blog post I’m going to talk about those exploits, how to protect your organization from them, and how to keep your organization safe from future exploits.