In an effort to address a persistent security risk, U.S. federal agencies have released a new best-practices guide for locking down on-premises Microsoft Exchange servers, which remain a favorite target for hackers. The guidance urges organizations to adopt a "prevention posture" and migrate away from outdated systems.
An old problem: The new guidance builds on an emergency directive from two months ago, which addressed a vulnerability that gave attackers a bridge from on-premise servers into a company's cloud network. The problem's scale was recently highlighted by Germany's federal cybersecurity authority, which warned that a staggering 92% of its roughly 33,000 online Exchange instances are running unsupported versions.
The digital tripwire: The agencies are pushing familiar measures like multi-factor authentication and Zero Trust, but the most urgent message is to get off outdated systems entirely. The guide strongly encourages migrating to a cloud service and warns against the "last server" problem, where a lone, unpatched machine becomes a digital tripwire for the entire network.
While the advice isn't new, the joint guidance from CISA and the NSA serves as another emphatic warning for organizations to address foundational security issues. As CISA's Nick Andersen put it, adhering to these best practices is "crucial for safeguarding our critical communication systems." While agencies focus on hardening legacy systems, some are looking toward the future of cyber defense, with AI-driven security expected to be a major topic at an upcoming Homeland Security summit.
