Microsoft revealed earlier this month that threat actors were compromising on-premises Microsoft Exchange servers using new vulnerabilities. Since that announcement, Microsoft has discovered that threat actors are using these Exchange Server vulnerabilities to install ransomware. Furthermore, additional post-exploitation activities could occur.
The vulnerabilities affect on-premises Exchange Server versions 2013, 2016 and 2019. Exchange Server 2010 is also being updated for defense-in-depth purposes. Exchange Online is not affected.
On March 2, 2021, Microsoft released four patches to respond to the vulnerabilities in Exchange Server versions 2013-2019. On March 8, 2021, they issued a patch for older, unsupported versions of Microsoft Exchange servers “as a temporary measure to help you protect vulnerable machines right now.”
Microsoft has continued to issue software updates to address numerous security flaws in various Microsoft products, including Internet Explorer. Furthermore, Microsoft is urging entities to act quickly to secure Exchange given the mounting attacks.
Patch Now, Contact Your Insurance Adviser
Organizations that have impacted servers and have not yet patched them should prioritize doing so immediately. Those with cyber insurance should also immediately talk with their insurance broker or carrier about assistance with forensic analysis.
Further, to avoid losing the opportunity to submit a claim due to late reporting, organizations using on-premises Microsoft Exchange servers should ask their insurance adviser about submitting a Notice of Circumstance to their cyber insurance carrier, even if no damage or impact has yet been realized. Doing so will help avoid potential gaps in coverage if policies are moved from one carrier to another and will support filing claims in a timely manner.
Hylant clients can contact their service team members for further assistance. Not a Hylant client yet but need help? Contact us here.
The above information does not constitute advice. Always contact your insurance broker or trusted adviser for insurance-related questions.