The December 2, 2022 Rackspace Hosted Exchange Outage is just another reminder to the entire small and medium-sized business (SMB) community that Ransomware Prevention and Business Continuity Planning (BCP) are essential parts of every company’s business planning process and something that must be updated on a regular basis. Texas-based Rackspace Technology is one of the largest cloud and email hosting providers in the United States serving tens of thousands of small and medium-sized businesses across the country. Rackspace confirmed that a ransomware attack was behind the hosted Exchange outage, and, over a week later, it seems far from resolved. Rackspace also revealed in an SEC (Securities and Exchange Commission) filing that it expects a loss of revenue due to the ransomware attack's impact on its $30 million Hosted Exchange business.
A ransomware attack occurs when hackers use encryption software to block access to data until the hacker supplies a decryption key, which most often requires payment to the hacker first. The encryption software is usually installed via a software vulnerability or compromised access. In 2021 hackers started adding a new element to ransomware attacks. The data they encrypt is also exported to cloud storage. They then demand payment for a decryption key and for not publicly selling or showing the data.
Investing in third-party cloud providers such as Rackspace allows small and medium-sized businesses to lower costs and centralize resources while supplying added flexibility to employees, including work-from-anywhere capability. It also opens added risk. The Rackspace hosted Exchange outage highlights the drawback of this dependency. Rackspace customers are currently without access to Hosted Exchange services. This means they can’t get their business email. Switching away from Rackspace to another provider is not so easy while the Exchange environment stays compromised.
How Can Small & Medium-Sized Businesses Protect Themselves from a Ransomware Attack?
Ransomware attacks happen after the environment is already compromised, which could happen in any number of ways. Most often the entry point is either human error, lack of multi factor authentication system (MFA) or an unpatched security weakness that hackers exploit.
While there is no “silver bullet” to prevent every cybersecurity incident, upholding cybersecurity best practices and safeguards is the best way to keep hackers out. Remember, hackers don’t target companies, they target vulnerabilities, this includes untrained staff. Every small and medium-sized business should also have adequate cyberattack insurance as part of their cybersecurity plan.
When it comes to third-party vendors, it’s important to vet them and run annual cybersecurity risk assessments against them. This allows control and awareness of vendors to figure out
risks before an event.
Business Continuity Planning allows a business to regularly test various incident scenarios to better prepare for the real thing. It’s not a matter of “if”, but “when”. Developing a practical Business Continuity is not a complex process, rather it’s a straightforward set up steps that can place a business on the best footing to weather an inevitable incident, disruption, or vendor emergency.
At Roark Tech Services, we prescribe the following steps:
Although the Rackspace hack is causing pain for thousands of small businesses across the country, it is a very public reminder that brings attention to the value of formal Cybersecurity Plans and Business Continuity planning.
Small and medium-sized businesses must remain ready for the next disruption, whether it’s a natural disaster, a burglary, or a data breach. The best time to start planning is now! Roark Tech Services is an expert in Business Continuity Planning, including Disaster Recovery options, uniquely qualified to help small businesses stay safe & competitive. Always consult with us first.
If you don’t have an IT Partner that you can trust to give you the right support and advice, we’d love to help. Contact us.