BBC Headlines this morning report:
"Tens of thousands of users around the world have reported being unable to access Microsoft services, including Teams and Outlook."
If you are stuck, have you tried logging into your webmail?
You will have to login with your email address and, yes, what a pain; dig out that email password.
You have two options where you can use the "universal" access point which for us was certainly not affected:
For Office 365 go to: Microsoft 365 sign-in page
For regular outlook email accounts go to Outlook.com.
If you are using outlook on your pc or mac as an email facility and are having problems, but use other email providers such as Rackspace, head for their webmail login point at:
https://apps.rackspace.com
If you could not access your emails for a week, nor historical sent or received emails, how would that affect you?
This might be a time to consider a bit of housekeeping on your email account.
Archiving could be an idea and even exporting outlook emails into a .pst file and saving them offline.
Ransomware Attack
In December 2022 Rackspace was subjected to a ransomware attack on it's hosted exchange platform affecting tens of thousands of customers.
Customer email service was unnavailable with no access to historical emails for days as Rackspace shut down the environment to avoid any further issues while they tried to restore service.
Customer service was beseiged as customers, large and small sought information and a timeline to normal service being resumed.
The course of action that Rackspace eventually took was to abandon their hosted exchange email platform and transition (not a small task as it involved the the customer base) all users to Microsoft 365 and state that the Hosted Exchange email environment would not be rebuilt as a go-forward service offering.
Obviously, the compromise was too far reaching.
The culprit was a new Microsoft Exchange exploit chain that allowed ransomware attackers in to achieve remote code execution on Microsoft Exchange servers.
Patches were deployed by Microsoft in November and December 2022 to tackle the vulnerability.
For those who are techie and want to understand the exploit visit https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/.
The cloud security firm Crowdstrike and the FBI were involved in the research into the attack.