Cybersecurity Alert for “on-premises” Microsoft Exchange Email Servers
The Executive Office of Technology Services and Security (EOTSS) has issued an alert about a targeted attack on “on-premises versions of Microsoft Exchange Servers”. Cloud-based servers appear not to be affected.
Government entities at all levels that are using on-premises Microsoft Exchange mail servers may have been affected, even if there are no immediate systemic symptoms. It is thought that the attackers have embedded malicious files that will be accessed at a later time.
If your department uses an on-premises Microsoft Exchange mail server please take appropriate steps including obtaining outside experts to evaluate your servers and perform the recommended remediation.Statewide Contract (PRF56DesignatedOSC) has pre-screened cyber and data security vendors available to provide assistance with cyber incident response plans, risk assessments, penetration testing, emergency incident management, forensics, and Payment Card Industry (PCI) compliance.
Cyber criminals are becoming increasingly sophisticated, so departments should be vigilant with patching, protecting, detecting threats, and training on cyber awareness.
In addition to your normal incident response protocols, please contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks or if you need assistance with internal controls.