60 Second Rundown…
- Patches, bug fixes, and upgrades protect Windows machines against malicious attacks.
- Windows Exchange Servers are high-value targets for cyberattacks and data breaches.
- Data Breaches are a problem for any size business.
- Hackers target small businesses that don’t regularly install security updates.
- Check for system compromises following critical security patches.
How often should I patch my servers?
Generally, updating your servers at least once a month will suffice. Software companies like Microsoft and Adobe release updates on the second Tuesday of the month, called Patch Tuesday. However, if there are known security exploits, immediately patch any critical vulnerabilities.
Windows updates and patches guard your network against malicious attacks. Vulnerabilities and exploits in Microsoft devices allow hackers to access email accounts and install malware that gives them long-term access to the server. The Microsoft Security Response Center is constantly updating security as each vulnerability is found. However, a network is only protected if the IT department installs patches, fixes bugs, and upgrades firmware and operating systems.
Exchange Servers are a high-value target for threat actors looking to attack business networks. Attackers can take advantage of vulnerabilities to access the entire network, including files, emails, and calendars. As soon as a vulnerability is found, hacking groups scramble to exploit it before companies patch their servers. For example, over a few days in March, the Chinese-backed group Hafnium hit 30,000 U.S. organizations with exploits in Microsoft Exchange Servers. Hafnium and other groups continued these attacks on unpatched systems. We recommend our clients use cloud services instead of Exchange Servers.
Recently, the company Acer fell victim to a $50 million data breach. A rogue group called REvil published pictures of stolen financial documents as proof of the breach that likely came from a Microsoft Exchange Server vulnerability. Data breach attacks can cause problems for any business, big or small. Companies can defend themselves against potential attacks by staying up-to-date with software patches, bug fixes, and firmware updates.
Windows Updates and Patches
Small organizations are often victims of attacks because they are less likely to stay up-to-date on patches. Administrators may turn off automatic updates to avoid server downtime. Instead, patches are installed manually by an in-house team or a local outsourced I.T. provider. Sometimes updates to the operating system are delayed until they become absolutely necessary. Patches are rolled out as important, recommended, or not important. Keeping up with security updates is mission-critical for small businesses, schools, and local governments. Don’t leave yourself open to attack.
Checking for Compromise
Installing Windows updates and patches is not always enough. If the system is compromised, you need to determine the extent of the damage. Threat actors can use exploits to form a kill chain which lets them install web shells for future attacks. Web shells are bits of malicious code that look and act like a web interface. Hackers use these to hide malicious traffic.
If your small business needs help to stay safe from hackers, call SMB Support at 908-895-0273.