As the FBI probes the ransomware attack that knocked out email service for tens of thousands of Rackspace clients, the multicloud solutions provider reported Wednesday that CrowdStrike has confirmed there’s been no further attacker activity within Rackspace’s Hosted Exchange environment.
The Windcrest, Texas-based Rackspace has confirmed that it has restored email service to two-thirds of its customers since the outage was first reported nearly two weeks ago. But the company also signaled Wednesday that the outage is still impacting thousands of other customers on its Hosted Exchange.
In addition, Rackspace also acknowledged for the first time in one of its ongoing updates that the FBI has indeed launched its own investigation into the devastating incident.
“We are also continuing to support the FBI‘s investigation into the attack,” the firm reported on its blog.
The FBI’s entry into the investigation was first reported by Barron’s, which also reported that “tens of thousands” of clients were ultimately impacted by the attack.ADVERTISEMENT
[RELATED STORY: The 10 Hottest Cloud Security Tools And Products Of 2022]
“Rackspace is continuing to make all of our internal and external resources available to provide support to the remaining Hosted Exchange customers, including additional surge staff and a Microsoft Fast Track team deployed to supplement our Rackspace work force,” Rackspace said in its blog post.
The firm added: “Please know that we are also continuing to work alongside external resources on our data recovery efforts. We understand how important data recovery is to our customers. In ransomware attacks, data recovery efforts do necessarily take significant time, both due to the nature of the attack and need to follow additional security protocols. We will continue to keep you updated on these efforts.”
In its Wednesday blog post, Rackspace reported that cybersecurity giant CrowdStrike has “confirmed that they have obtained very good visibility throughout the entire Rackspace environment.”
As a result, that visibility has enabled CrowdStrike to confirm that the “attack was limited to the Hosted Exchange environment,” as fact initially reported by Rackspace in the days immediately after the attack.
“CrowdStrike has also confirmed that there have been no signs of attacker activity in the Hosted Exchange environment since the ransomware attack on December 2, 2022,” the company reported.
As if affairs weren’t bad enough for Rackspace customers struggling with their email woes, Rackspace sought to remind customers that it’s “common for scammers and cybercriminals to try to take advantage” of the ongoing confusion surrounding the attack.
In particular, officials are worried about phishing attacks, on top of the ransomware attack.
“Please be assured that while Rackers will continue to reach out to you to provide support in transitioning to Microsoft 365 and get your email back up and running, there are important ways that you can distinguish legitimate Racker outreach from unauthorized individuals claiming to be Rackers,” said Rackspace.
The firm proceeded to outline precautionary steps companies can take to avoid scams. LEARN MORE: Cybersecurity | Cloud Security
Jay Fitzgerald is a senior editor covering cybersecurity for CRN. Jay previously freelanced for the Boston Globe, Boston Business Journal, Boston magazine, Banker & Tradesman, MassterList.com, Harvard Business School’s Working Knowledge, the National Bureau of Economic Research and other entities. He can be reached at [email protected].
RELATED CONTENT
Palo Alto Networks CEO: Product Consolidation On Fewer Platforms Is InevitablePalo Alto Networks To Roll Out Major Partner Enhancements Over The Next YearSnyk Raises $196.5M In Latest Funding Round, Eyes Potential AcquisitionsPalo Alto Networks Appoints New Worldwide Channel Chief After Executive ReshuffleDTEX Unveils New Partner Program As It Eyes 2023 Mid-Market Expansion TO TOPADVERTISEMENT
https://c476d94fe98c00eb1ee4db6d4c8dabcf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html