eCommerce News New Zealand logo
The latest digital commerce news for Kiwi businesses
Story image

Microsoft Exchange breach a wake-up call to ditch the server

By Shannon Williams
Wed 31 Mar 2021
FYI, this story is more than a year old

The recent Microsoft Exchange breach is a wake-up call to New Zealand small and medium enterprises to ditch the server, according to Vertech IT Services managing director, Daniel Watson.

The international breach of Microsoft Exchange by hackers in March is believed to have impacted a large but unknown number of New Zealand companies.

"It should serve as a timely warning to many local SMEs that it's time to toss the company server," Watson says.

Microsoft Exchange is a standard email inbox, calendar, and collaboration solution used by companies that still keep their servers on company premises. By exploiting vulnerabilities in the software, hackers can seize 'command line access' take total control of the machine of any company server using Microsoft Exchange versions 2010, 2013, 2016 or 2019.

Watson says the Microsoft hack allows criminals to install malicious software on the servers and computers of many local SMEs that still have exchange servers on their premises.

 "This means they can execute malicious programmes, such as DearCry ransomware, or malware, silently exfiltrate confidential data, or use the computers as staging platforms to do other illegal things on the internet such as hosting child pornography and affected businesses won't even know they've been compromised," he says.

"I know there are SME owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."

Watson says the industrial espionage group that targeted the Microsoft Exchange flaws known as Hafnium (a state-sponsored threat group from China) generally targets infectious disease centres, law firms, tertiary institutions, defence contractors, policy think tanks and NGOs.

"However, while Hafnium opened the gate, so to speak, we now have multiple hacking groups utilising these vulnerabilities over a long period," he says. 

"It is believed the first servers were breached as early as 6 January this year, but the patches (to plug four security holes in Exchange software) were released on 2 March. Now that the knowledge is out there any criminal group can get in on the action and it is a race to patch and clear out any compromises," Watson explains.

"We recently encountered a business still running an exchange server because they were suspicious of the cloud. While the IT manager has already patched the software, we might find that the system has already been compromised because just patching doesn't remove any breaches or fix the damage once they are in the backdoor, they are in."

Watson advised companies that are still using onsite exchange servers to patch, scan and migrate.

Install the Microsoft patches
 
Suggestions are that more than 125,000 servers worldwide 30,000 are known to be infected in the United States have not yet been patched. Watson urged companies with Microsoft Exchange servers to apply the updates immediately.

Conduct a security sweep

Companies still running a local exchange server should run a security sweep. If they find they have been compromised, they will need to thoroughly check for illicit activity throughout their company network.

"Don't just rely on your anti-malware or anti-virus because if hackers have control of your system, they will have disabled your anti-virus," Watson says.

Migrate to the cloud
 
"Get rid of your local exchange server. There is no need for it. The cloud is more secure, and there are clear arguments for resilience and better economies out of cloud solutions," he says.

"If you absolutely need a local exchange server and you should question yourself closely then you're going to have to secure it properly with active intrusion prevention measures and close monitoring of the traffic moving through your network."

Related stories
Top stories
Story image
Tablets & laptops
Chromebook and tablet shipments see another rapid decline for the year
According to research from Canalys PC Analysis, Chromebook and tablet shipments have fallen for the fourth quarter in a row for Q2 of 2022.
Story image
Financials
Google NZ numbers show strong comprehensive profit increase
The latest financial report from Google New Zealand Limited has revealed an increase in total comprehensive profit of over $NZD 7 million.
Story image
Financial results
Facebook NZ financial report reveals notable revenue increase
Revenue from contracts with customers increased by $NZD 1,089,292 compared to 2020's figures.
Story image
Customer
OfficeMax NZ sees significant growth through Seismic partnership
OfficeMax New Zealand has announced it has seen a significant increase in customer and sales confidence as a result of Seismic’s digital enablement software.
Story image
Sales
BNZ launches first tap-on-phone point of sale app in NZ
Bank of New Zealand has launched BNZ Pay, an innovative mobile app for retailers that transforms an Android device into a contactless payment terminal. 
Story image
Apps
Freshworks integrates with Google's Business Messages
"The integration with Freshworks makes it fast and easy for businesses to have conversations with their customers within the Google apps."
Story image
Payments
Tranxactor Group to build customer loyalty with Oracle
Tranxactor has chosen Oracle Cloud Infrastructure (OCI) with Enterprise Database Service to allow it to provide brands with immersive customer engagement and loyalty programs.
Story image
Social Media
ActiveCampaign reveals consumers seek trusthworthy content
Consumers will engage with new brands across all channels, including online, in-store and social media, as long as the content is relevant and trustworthy.
Story image
Manufacturing
How manufacturers can respond to rapid change with technology
Disruption, innovation, and continual refinement of shop floor processes are driving factors in today’s complex market landscape. 
Story image
Revenue
Cisco NZ revenue declines by over $18.5 million - report
Cisco NZ has released its latest financial report, showing the company's total revenue has declined by more than $18.5 million year-over-year.
Story image
Internet
InternetNZ appoints new chief executive. Will take over in October
InternetNZ has announced the appointment of its new chief executive, with Vivien Maidaborn taking over the role from interim chief Andrew Cushen in October.
Story image
Cloud
Sitecore caters to modern marketing teams with CMS cloud launch
"Sitecore's move towards a composable SaaS offering for creating and delivering digital experiences is in line with what marketing teams are looking for.”
Story image
eCommerce
Marketplacer and Intelligent Reach to help retailers sell online
Intelligent Reach can now support Marketplacer marketplaces that want to sell their products through other places, such as Google and Facebook, eBay and Amazon.
Story image
Cybersecurity
eCommerce fraud increasing pressure on businesses margins
It is vital for businesses to maximise the value of every dollar by turning away as many fraudulent actors as possible without blocking good customers."
Story image
Printers
Comedy legend Jimeoin fronts Epson advertising campaign in NZ and Australia
According to Epson the company’s EcoTank models now account for 74% of all printers sold in the category in New Zealand, alone.
Story image
Artificial Intelligence
Cyara rolls out comprehensive, automated chatbot feature
Cyara has unveiled new chatbot testing features with the latest release of Cyara Botium, creating a solution for comprehensive, automated chatbot testing and assurance.
Story image
Artificial Intelligence
Oracle unveils AI-powered application to automate sales
Oracle has unveiled the next generation of Fusion Sales, an application that automates sales and identifies the opportunities worth pursuing.
Story image
Customer
Airwallex launches an online payments app on Shopify
Airwallex has launched an online payments app on Shopify, allowing merchants to integrate a gateway plugin on their online store to accept payments from their global customers.
Story image
Artificial Intelligence
How to overcome the digital experience dilemma - NICE
While self-service solutions can provide major benefits, live voice and chat interactions are still an important part of customer service that continue to need support and investment.
Story image
Enterprise Resource Planning / ERP
Why the right ERP (and partner) is crucial to an innovative and successful business
Enterprise Resource Planning (ERP) is a foundational step to ensuring a robust business model; here's why choosing the right one could be vital to ensuring long-term success and innovative results.
Story image
Omnichannel
UNIQLO operator chooses Adyen for multiple market payments
The operator of UNIQLO, Fast Retailing, has selected Adyen to power payments for its in-store and online checkout in multiple markets.
Story image
Commerce Commission
The NZ TCF endorses move by ComCom to promote TDR dispute scheme
The New Zealand Telecommunications Forum has welcomed the move by the Commerce Commission to further promote customers' access to the Telecommunications Dispute Resolution Scheme (TDR).
Story image
Ebay
FedEx and eBay team up to boost APAC eCommerce options
FedEx Express' new alliance with eBay enables eBay sellers in APAC to sign up for a FedEx account and access the full spectrum of FedEx e-commerce delivery service options at competitive rates.
Story image
Microsoft
Infobip’s SMS and WhatsApp services are now available through Microsoft
Infobip has integrated its WhatsApp and SMS channels through Microsoft Dynamics 365 Sales and Microsoft Dynamics 365 Marketing.
Story image
Forrester
SAS is a leader in anti-money laundering - Forrester
The latest Forrester report revealed that SAS received the highest score in the anti-money laundering category of 15 vendors.
Story image
Havas Media Group
Havas solution meets critical time as brands shift to online sales
Havas Media Group says its Havas Market solution provides businesses with a strategic full-service eCommerce offering at a time when sales are increasingly moving online.
Story image
KICKS CREW
KICKS CREW selects Forter to help scale global eCommerce operations
KICKS CREW has selected Forter to help scale its global digital commerce operations.
Story image
Wireless
Hands-on review: Jabra Engage 55 wireless headset
We get our hands on a German design professional headset that many knowledge workers could benefit from.
Story image
Remote Working
Mantel Group continues NZ expansion with Auckland office
"Our desire is to offer real understanding to our New Zealand clients, and help provide solutions that better their business.” 
Story image
Phishing
Akamai research finds PayPal security measures utilised in new phishing scam
New research from Akamai has found that a new threat actor is parasitising benign WordPress sites to execute an extensive PayPal phishing scam.
Story image
Customer experience
BillingPlatform introduces new enhancements to revenue management services
Some of the new developments include hosted payment pages, and new and updated connectors to Salesforce, NetSuite, OneSource, Avalara and other enterprise systems.
Story image
Robotic Process Automation / RPA
Western Union implements intelligent automation programme from SS&C Blue Prism and ISG
Western Union has successfully implemented a strategic intelligent automation programme from SS&C Blue Prism and its certified partner, ISG.
Story image
Planning
Digital key for smart investment in public infrastructure for NZ cities
Major public infrastructure projects can better manage risks of cost overruns and delays if they deploy data and digital tools at the earliest planning stages.
Story image
Fraud
Cost of fraud up 10 to 16% in APAC from pre-pandemic levels
LexisNexis Risk Solutions released the latest APAC edition of the True Cost of Fraud Study, which surveyed 387 risk and fraud executives.
Story image
Revenue
IBM NZ sees significant revenue increase in latest report
IBM NZ has posted revenue of $172,449,000 for the financial year, according to its latest report, a year-over-year increase of over $47.5 million compared to $124,904,000 in 2020.
Story image
Facial recognition
Māori data specialists not consulted on facial recognition technology - data sovereignty expert
Māori data specialists are accusing the government of ignoring them while going ahead and expanding the reach of facial recognition technology.
Story image
Digital Journey
NICE unveils new CXone capabilities with latest release
NICE has announced the Summer 2022 release of CXone, which adds new capabilities that enhance journey orchestration and complete performance.
Story image
New Zealand
Research finds Kiwis prefer real backdrops in video calls
New research from Natural Paint Co. has found that 74% of Kiwis prefer seeing a natural background behind people during video meetings.
Story image
Cloud
Microsoft and Auckland Transport announce new cloud agreement
Auckland Transport (AT) and Microsoft have announced a new cloud agreement aimed at promoting innovation, reducing costs and improving sustainability in transport services.
Story image
Digital Transformation
Understanding modern retail through the Gen Z filter
Retailers face the challenge of managing their own digital transformation while also scrambling to serve the needs of a younger and increasingly online-savvy audience.
Story image
Customer experience
Why scalable networks are key to delivering consumer-centric outcomes
To be consumer-centric, an organisation must have IT infrastructure that adopts the strategy of the 'infinite enterprise'. Extreme Networks explains.
Story image
ShopBack
Forter and ShopBack enhance partnership to further prevent fraud
Forter and ShopBack have enhanced their partnership with the addition of better eCommerce security solutions for customers.