Rackspace Ransomware Attack Caused Massive Outage in Email Service
On Friday, December 2nd, 2022, Texas-based cloud computing provider Rackspace experienced a massive email outage. The company on Tuesday confirmed that its hosted Exchange environment suffered a ransomware attack. On top of that, the Rackspace ransomware attack left a huge number of customers puzzled as they were unable to access their emails. So, what happened exactly and who’s behind it? Let’s look into the matter closely.
Rackspace Ransomware Attack – Official Statements
Undoubtedly, it was a long weekend for both the company and its customers. However, Rackspace officials kept updating the status from day 1 of the incident.
[02-12-2022, 2:29 AM EST]- “We become aware of an issue impacting our hosted Exchange environment and our engineering team is working on the same. Users may experience an error upon accessing Outlook Web App and syncing their email clients.”
[02-12-2022, 8:19 PM EST]- “We experienced a significant failure in our hosted Exchange environment. So, we proactively shut down the environment to avoid any further issues. And, at the same time continuously working to restore the service.”
[03-12-2022, 1:57 AM EST]- “We preemptively disconnected the Hosted Exchange environment while we try to understand the extent and severity of the impact. Upon analyzing, we found out that it was a security incident. We are actively taking necessary actions to evaluate and protect our environment.”
Finally, on 7th Dec 2022, they acknowledged that the security incident was none other than a ransomware attack. The Rackspace ransomware attack was investigated by the company’s internal security team and a cyber defense firm (the name was not disclosed by the company).
In the meantime, the company provided temporary solutions for its users.
Makeshift Solution by The Company to Tackle Rackspace Ransomware Attack
Given the ongoing investigation of the security incident, it’s hard for the company to predict and come to a conclusion. So, in these uncertain times, the company proposed that shifting/migrating to Microsoft 365 is the best solution for the customers.
The company urged its affected customers to move to this cloud platform. In case any customer uses a hybrid Hosted environment (Rackspace Email and Exchange on a single domain) then they need to move all mailboxes to M365 for mail flow to work properly.
Note: For successfully transferring mailboxes to Microsoft 365 you can opt for Professional Office 365 Migration Services.
In addition to moving to M365, the company encouraged its customers to implement a temporary solution which is Email Forwarding. It will allow mail destined for a hosted Exchange user to be routed to an external email address.
To assist the affected customers of the Rackspace ransomware attack, the organization opened a 24X7 helpline along with a chat, and ticketing system.
What’s Customers’ Reaction to The Matter?
Clearly, the customers were not happy about the Rackspace email outage and unsatisfied customers didn’t hesitate to put negative comments about the company.
Since most business communication was affected by the Rackspace outage, the support department of the company was flooded with a huge number of complaints and inquiries. So, the wait time for customer support was much longer than usual.
One of the customers complained ‘I called the support line, held and listened to lousy music for nearly 3 hrs and finally terminated the call on my end.’
Impact of Rackspace Ransomware Attack on The Business
The company in its official updates said that it’s in the early stage of investigation and will share additional information regarding the matter.
Though Rackspace Technology is in the early stages of assessing this incident, deep down it’s greatly impacted by the attack. It has caused and may continue to cause an interruption in its Hosted Exchange business.
Furthermore, it may result in a loss of revenue for the Hosted Exchange business, which generates approximately $30 million of annual revenue in the Apps & Cross Platform segment.
Conclusion
Rackspace ransomware attack has certainly taken over the internet, arising questions related to the security issues in an organization. Generally, any cyberattack happens as a result of a security gap present in the IT infrastructure. And, apparently, the Rackspace security incident might also be the consequence of the vulnerabilities present in the Hosted Exchange environment.
That’s why experts recommend to organizations (regardless of the size) adopt strong security measures such as SOC and VAPT. By implementing these security actions, it becomes easier for organizations to be secured. Further, it helps them to stay one step ahead of the threat actors and avoid probable security risks beforehand.
Please click on the given links to know more about cybersecurity measures.