Rackspace Ransomware Attack: What It Really Means

Rackspace, the popular managed cloud computing company, announced last Friday that it was investigating a problem with its hosted exchange server. The issue caused a massive outage among its customers who were no longer able to access their email.

Rackspace suggested that clients transfer their email systems to Microsoft 365 while they tried to remedy the issue.

Then, on December 6th, Rackspace announced what many already suspected: the issue was caused by a ransomware attack.

According to BitDefender, Rackspace said it had engaged third-party experts to look into the ransomware attack and declined to confirm whether they paid (or plan to pay) the ransom.

What’s the big takeaway?

Having customers on Exchange, an outdated infrastructure, was a risky business move for Rackspace. For years, Microsoft has been urging customers to move away from exchange in lieu of M365 for a slew of reasons, security being one of them.

With many Rackspace customers leveraging a hybrid environment, this may be the push they need to be fully cloud-based. Since M365 is a SaaS-based application hosted on Azure, Rackspace may be facing serious business repercussions.

What should customers do next?

No matter where the data is hosted, customers are responsible for it. Whether consumers choose a public cloud service provider (CSP) or a privately hosted one like Rackspace, they’re putting their trust in the hands of another organization.

This forces an inevitable question: who do businesses trust more, Microsoft or Rackspace?

When hosting with M365, you inherit Microsoft’s technical infrastructure and native security controls. With SaaS-based servers, you have access to a larger network of solutions to manage your security posture, whether it’s through an MSP, MSSP, or independent software provider. Similarly, the incident with Rackspace sheds light on the importance of having strong access controls in place to monitor for identity-based threats.

ContraForce Can Help

ContraForce is a SaaS cybersecurity solution that simplifies Microsoft security for small and mid-sized businesses. It consolidates existing security tools into one, easy-to-use platform designed for simplicity. ContraForce offers free 24x7 threat detection and security monitoring for M365 and can be requested here.

ContraForce is everything you need to manage your security service delivery with confidence.

Related Posts