DearCry Ransomware & Why You Should Be on the Cloud

DearCry Ransomware & Cloud Computing

If your IT team hasn’t already moved you off an on-premises Microsoft Exchange Server into Exchange Online or at least very strongly recommended it, it’s time to start asking some hard questions. Even before the HAFNIUM zero-day infiltration into on-premises MS Exchange Servers was discovered, a large number of businesses had already moved to MS Exchange Online for its increased security and to eliminate the need for capital expense of on-premises email servers. So why haven’t you?

Ongoing On-Premises Exchange Server Vulnerability

The HAFNIUM attack provided bad actors an attack vector to infiltrate public facing Exchange Servers via previously unknown vulnerability. Unfortunately, that’s not all the bad news, we’ve now learned that malware known as “DearCry” is using that vulnerability to launch ransomware attacks. Nearly 7,000 exchange servers were exposed, according to a recent report.

As a cybersecurity and IT professional, I continue to marvel at the fact that so many businesses are still using on-premises Exchange Server when Exchange Online offers so much more security, convenience and an operational expense model.

Benefits of Moving to the Cloud and Microsoft Exchange Online

There are many benefits of moving to Exchange Online, including:

  • Security. Microsoft has invested over 1 billion dollars and security R&D and has more than 3,500 cybersecurity experts bringing you:
    • Multi-factor authentication (MFA)
    • Encryption of email in transit and at rest
    • Microsoft Defender for Office 365 (formerly known as Advanced Threat Protection)
    • Continuous updates
    • Powerful spam filtering
  • OpEx model, only pay for what you use
  • Quickly scale up or down
  • 99.99 percent uptime SLA in most case
  • Compliant with all major regulators standards such as HIPAA, FISMA and ISO 27001. 
  • Accessible from anywhere on nearly any device
  • Large mailboxes and individual emails: 50 GB mailboxes; 150 GB archive mailboxes; 150 MB email sizes
  • Real-time collaboration through tight integration with Office 365, SharePoint and Teams
  • Data loss prevention
  • E-Discovery
  • Litigation hold
  • Mail-flow automation

If you have questions about these benefits, one of our friendly experts will be happy to discuss them with you.

It May Be Time to Change More Than Your Server

If you are currently outsourcing to an MSP and they had not been advising you to move to Microsoft Exchange Online prior to this month’s attacks, it may be time to reconsider your IT support. Businesses need proactive and strategic IT guidance to stay ahead of vulnerabilities and business needs, not to just react to them.

If you have an internal IT team, it’s not their fault. The modern pace of digital transformation and cyberattacks is dizzying, even for professionals who live and breathe it every day. It’s nearly impossible for a small internal IT team to keep up with these changes or to have depth of knowledge and hands-on experience that businesses increasingly require to stay productive and secure. Even if you are willing to pay top salaries to attract and retain that expertise, it can be difficult to manage that talent and to ensure they are focused on the right things and able to grow in their career. To help support your internal IT team, Intrust IT offers SupplementalCare agreements in which our team of more than 25 technical experts can augment and support your internal IT team to the extent necessary to achieve your business and security objectives.

If we can help in any way, please reach out on our contact us  page or by directly booking a virtual meeting.

Dave Hatter

Dave Hatter

Dave Hatter (CISSP, CCSP, CCSLP, CISA, CISM, PMP and ITIL) is a cyber security consultant, writer, educator and on-air media contributor. See hundreds of Dave’s expert interviews on cyber security on his YouTube channel, or tune in to 55KRC every Friday morning at 6:30 for his “Tech Friday” segment.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Fundamentals of Information Technology Management - Intrust

IT 101: What Is Information Technology Management?

When was the last time you stopped to think about how your business relies on technology? Information technology management is...
Avoid Pig-Butchering - Intrust IT

Pig-Butchering Scams: What They Are and How to Stay Safe

At Intrust IT, we understand that it may feel like the specter of cybersecurity is always breathing down your neck....
3 Reasons to Replace Aging Equipment - Intrust IT

Three Compelling Reasons Your Company Should Replace Its Aging Computers Before Year-End

As the end of the year approaches, businesses everywhere are evaluating their budgets and looking for strategic opportunities to invest...
What are managed services - Intrust IT

What Are Managed Services? And What Are the Benefits?

Running a business in today’s tech-driven world means you need reliable IT infrastructure. But let’s be honest, managing IT in-house...
Windows 10 End of Life How This Could Impact Your Business - Intrust IT

Windows 10 End of Life: How It Could Impact Your Business

As Microsoft officially plans to end support for Windows 10 on October 14, 2025, businesses need to begin thinking ahead....
AI implementation Roadmap Intrust IT

Master AI Integration With Our AI Implementation Roadmap Guide

AI is one of the greatest technological breakthroughs of the last few years. It has become our handy assistant, data...