Lessons from the Rackspace Attack

ransomware

Cyber Security Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured

On December 2, 2022, a ransomware attack on Rackspace disrupted email services for thousands of businesses.  The attack encrypted files throughout Rackspace’s Hosted Exchange environment, one of the largest in the world.  The outage impacts mostly small and midsize businesses (SMBs).  While Hosted Exchange is only 1% of Rackspace revenue, the incident was large enough to warrant a filing with the Securities and Exchange Commission. We can all learn lessons from the Rackspace attack with respect to cybersecurity and response.

Lessons from the Rackspace Attack

1 Incident Response Must Be Quick

In their SEC filing, Rackspace noted that their “… information security team had strong incident response protocols in place that led to the quick containment of the ransomware attack.”  They were able to limit the damage to the Hosted Exchange service, protecting other aspects of the company’s operations and other services.

For SMBs like ours, speed is also necessary. Quickly identifying an attack and isolating effected devices is critical. An infected laptop can spread the infection to servers and through files sync’d into cloud storage (ie, OneDrive, Google Drive, Dropbox). From there, every connected device is vulnerable.

2 Recovery is Not a Sure Thing

Rackspace is NOT recovering customers’ Hosted Exchange service. The company is moving these customers to Microsoft 365.

Paying the ransom is not always possible. Paying a ransom does not guarantee that your get your data back.

3 Recovery is Difficult

As of December 12, 2022 — a full 10 days after the attack, Rackspace disclosed that about two thirds of its customers have been transitioned to Microsoft 365. Nearly one third of customers remain without email service. Rackspace is effectively abandoning its Hosted Exchange service.

The logistics of identifying recoverable data and understanding interdependencies is complex. Managing data restoration across multiple devices, systems, and data sets is challenging. Some data will be lost. Understanding which data, and how much data, has been lost is challenging.

4 Recovery is Big and Slow

Rackspace has hired staff and contracted with many Microsoft Fast Track service providers.  Even so, call wait times are still averaging about 30 minutes.  Rackspace is setting expectations, repeatedly telling customers that data recover will “necessarily take significant time”.

Starting with a clean system gets your systems up and running. How effectively can your run your business without your data?  Data recovery takes time, even from backups. While emails may be relatively easy to live without, what is the impact if your accounting system is unavailable for days or weeks?

5 Recovery needs Expertise

While Rackspace is a leading technology firm, they have hired outside firms to investigate the attack and remediate the incident.

Most IT firms servicing SMBs do not have the expertise or staff to respond to a cyber attack. Expertise and resources will be needed for investigations and forensics, data recovery, systems restoration, communications, regulatory reporting and compliance, and customer service.

6 Recovery is Expensive

Rackspace is actively promoting that it maintains sufficient cybersecurity insurance to cover the costs of the incident. Their SEC filing, however, does not indicate if or how they plan to compensate customer for their losses.

You will spend money … lots of money … beyond the cost of getting your data back, your systems restores, and your business back up and running. Regulatory filings, communication, legal services, and litigation can be a crushing burden that threatens. More than half of SMBs fail within six months of a significant cyber attack.

Steps You Can Take

Looking at the lessons from the Rackspace Attack informs how we should think about protecting our businesses and ensuring we can return to normal operations quickly and efficiently. Here are resources for you to learn more.

Earlier this year, we blogged about how Streamlining Security for SMBs can protect you from the most common and the most expensive types of cyber attacks without breaking your budget.  We held a webinar on the same subject.

Our Security CPR model outlines the three critical aspects of cyber security communication/education, protection/prevention, and recovery/response.  Our eBook, 15 Best Practices for Cyber Protection, dives into the model.

To discuss your security footprint, risks, and options, contact us by email, via our website, or by scheduling time directly with one of our Cloud Advisors.

Service Update: Microsoft 365 Fees Increase on January 1, 2023

Cumulus Global 15 Years of ServiceService Update: Microsoft 365 Fees Increase on January 1, 2023.

As previously announced by Microsoft, Microsoft 365 Fees Increase on January 1, 2023.  In addition to increased fees for specific licenses, Microsoft is changing the structure of annual agreements and adding a 20% surcharge for month-to-month licensing.

Why Now?

Microsoft has been working towards these changes for more than a year. They company pushed back the deadline several times as the change coincided with major changes to Microsoft’s partner program. Microsoft has notified customers and partners that all subscriptions will be on the new pricing as of January 1, 2023.

For our customers, Cumulus Global has delayed the impact and fee increases for as long as possible.  We are communicating with our customers individually to address the final deadline.

New Terms and Conditions

With the pricing changes, Microsoft is also changing some of the terms and conditions for the services.  Historically, Microsoft has not enforced commitments on annual agreements; customer were free to change user counts and even cancel without penalty. Going forward, Microsoft will enforce annual subscriptions and terms as firm commitments. Customers may change or cancel within three (3) days of starting an annual term. Customer commit to the number of licenses for the full year. Microsoft is offering a three year commitment option as well, which secures pricing for that period.

If you need or want the flexibility of increasing and decreasing user counts at any time, you will need to opt for month-to-month licenses.  Monthly licensing lacks the commitment but includes a 20% surcharge over fees for an annual commitment.

License Pricing Changes

The following are the fee changes for annual licensing. All fees are listed as per user per month.

  • Microsoft 365 Business Basic
    • Annual: From $5 to $6
    • Monthly: $7.20
  • Microsoft 365 Business Premium
    • Annual: From $20 to $22
    • Monthly:  $26.40
  • Office 365 E1
    • Annual: From $8 to $10
    • Monthly: $12
  • Office 365 E3
    • Annual: From $20 to $23
    • Monthly: $27.6
  • Office 365 E5
    • Annual: From $35 to $38
    • Monthly: $45.60
  • Microsoft 365 E3
    • Annual: From $32 to $36
    • Monthly: $43.20

All other Microsoft 365 and Office 365 license fees remain this same with an annual commitment; monthly fees will reflect the 20% surcharge.

Next Steps

Our team is contacting each our customers impacted by the pricing to discuss their options and plan their services going forward.

As we are here to assist any small business with their cloud services, feel free to contact us by email, via our website, or by scheduling time directly with one of our Cloud Advisors to discuss your options and path forward.

Service Update: Archived User License Fees Begin in January

Cumulus Global 15 Years of ServiceService Update: Archived User License Fees Begin on January 23, 2023.

As previously announced by Google and covered in our blog, Google has discontinued the Vault Former Employee (VFE) service.  All Google Workspace customers had there VFE licenses converted to a trial of the Archived User License (AUL) service.

The free trial of the AUL service ends on January 15, 2023.  Archived User License fees begin on January 16, 2023.

Archived User License (AUL) Fees

All customers with active AUL accounts will be invoiced in accordance with their Google Workspace License:

  • $4/user/month – Google Workspace Business AUL
  • $5/user/month – Google Workspace Enterprise Standard AUL
  • $7/user/month – Google Workspace Enterprise Standard AUL

Available Options

In addition to keeping your AUL subscription and paying the above fees, you have the option to:

  • Discontinue the AUL subcription
    • Removing the service will permanently remove all archived data.
    • Deleted archived data cannot be restored or recovered.
  • Export the Data prior to discontinuing the AUL service
    • This provides you with a static copy of existing data in your AUL accounts.
    • Data in your AUL accounts are permanently deleted when you discontinue the subscription.
  • Migrate to a third party archive solution prior to discontinuing the AUL service
    • Your archive of past Google Workspace user accounts is preserved using a third party archive solutions, prior to ending your AUL subscription.
    • The annual fees to retain the archived accounts is significantly lower than AUL licensing.
    • You will incur migration fees to move your data.
    • Data in your AUL accounts are permanently deleted when you discontinue the subscription.

Next Steps

Organizations with Archived User Licenses should contact us as soon as possible by email, via our website, or by scheduling time directly with one of our Cloud Advisors to discuss your options and path forward.

Google Workspace Transition Update – 12/01/22

Google WorkspaceMore than two years after announcing the change, the Google Workspace transition from G Suite continues.

  • For organizations running G Suite with an annual or term commitment, your transition is scheduled to occur on your next renewal date.
  • For organization on the Flex Plan (month to month), Google will automatically transition your account with 60 days advanced notice.
  • Organizations willing to transition with an annual commitment before Google transitions you automatically may be eligible for incentive discounts.

For many, if not most, organizations, this transition will result in higher subscription fees and/or loss of features.

This post identifies the restrictions and potential features impact for organizations currently running G Suite Basic and G Suite Business editions.

Current G Suite Basic Subscribers

  • Additional Storage
    • If you currently do not have additional storage assigned to at least one user:
      • You can no longer add this service.
      • You will not have the ability to add storage to your Google Workspace subscription.
      • As users reach the 30GB limit, you will need to upgrade to Google Workspace Business Standard or Business Plus editions at an additional cost.
    • If you currently have additional additional storage assigned to at least one user:
      • You may grandfather this service and you may be able to add more storage.
      • The duration for how long you can maintain your existing additional storage or add new additional storage has not be clearly defined by Google. At the end of the grandfather period, you will need to upgrade to a version of Google Workspace that meets your storage needs.
  • Vault
    • If you currently have Vault:
      • You may be able to grandfather this service.
      • The duration for how long you can maintain Vault as an add-on has not been defined by Google. At the end of the grace period, you will need to upgrade to Google Workspace Business Plus to maintain this service and data.
    • If you currently do not have Vault:
      • You should select and upgrade to Google Workspace Business Plus to add this service.
  • Advanced Endpoint Management
    • This feature is not available in Google Workspace Business Starter or Business Standard subscriptions. You will not be able to set up company-managed mobile devices or selectively distribute apps to mobile devices.
    • If you use this feature, you should select and upgrade to Google Workspace Business Plus.
  • Organizational Branding / Templates
    • This feature is not available in Google Workspace Business Starter. You will no longer be able to create or use custom templates for Google Docs, Sheets, Slides, Forms and Sites. Documents created from the templates remain.
    • If you use this feature, you should select and upgrade to Google Workspace Business Standard or Business Plus.
  • Advanced Chat Space Features / Spaces
    • This feature is not available in Google Workspace Business Starter. You will no longer be able create spaces that allow external users. Existing spaces remain and users can make changes to existing spaces, such as adding or removing members.
    • If you use this feature, you should select and upgrade to Google Workspace Business Standard or Business Plus.

Current G Suite Business Subscribers

  • Storage Capacity
    • Your storage capacity will be limited based on the Google Workspace Business tier subscription you select for you transition:
      • Business Starter: 30GB per user, fixed
      • Business Standard: 2TB per user, aggregated across all users
      • Business Plus: 5 TB per user, aggregated across all users
    • To maintain unlimited storage capacity, you should select and upgrade to Google Workspace Enterprise Standard or Enterprise Plus.
  • Google Vault
    • This service will not be available if you transition to Google Workspace Business Starter or Business Standard.  Additionally, holds and retention rules will stop protecting your organization’s messages and files. Google will immediately remove all data that users deleted more than 30 days ago from all Google systems. You cannot recover this data.
    • To keep the Vault service, you should select and upgrade to Google Workspace Business Plus or an Enterprise tier subscription.
  • Advanced Endpoint Management
    • This feature is not available in Google Workspace Business Starter or Business Standard subscriptions. You will not be able to set up company-managed mobile devices or selectively distribute apps to mobile devices.
    • If you use this feature, you should select and upgrade to Google Workspace Business Plus.
  • Organizational Branding / Templates
    • This feature is not available in Google Workspace Business Starter. You will no longer be able to create or use custom templates for Google Docs, Sheets, Slides, Forms and Sites. Documents created from the templates remain.
    • If you use this feature, you should select and upgrade to Google Workspace Business Standard or Business Plus.
  • Advanced Chat Space Features / Spaces
    • This feature is not available in Google Workspace Business Starter. You will no longer be able create spaces that allow external users. Existing spaces remain and users can make changes to existing spaces, such as adding or removing members.
    • If you use this feature, you should select and upgrade to Google Workspace Business Standard or Business Plus.
  • Shared drives
    • This feature is not available in Google Workspace Business Starter. You will no longer be able manage existing shared drives. In addition, users and owners will not be able access shared drive content or add or delete content to or from shared drives. Before switching editions, ask shared drive owners to review their content and move it to their My Drive to maintain access.
    • If you use this feature, you will should select Google Workspace Business Standard or Business Starter.
  • Organization-Specific Drive Settings
    • This feature is not available in Google Workspace Business Starter. All users in your organization will inherit the settings of your top-level organizational unit, but the organizational structure itself will not change.
    • To maintain this feature, you should select Google Workspace Business Standard or Business Plus.
  • Meets
    • If you transition to Google Workspace Business Starter, your Meets will be limited to 100 participants.
    • Select G Suite Business Standard or Business Plus to maintain you Meets capacity.
  • Calendar Advanced Controls
    • These controls will not be available if you transition to Google Workspace Business Starter or Business Standard.  Rooms aren’t automatically released when all attendees decline. Rooms that decline invitations aren’t replaced. You can’t set a default duration for events.
    • To maintain access to these controls you will should select Google Workspace Business Plus.
  • Data Regions
    • These controls will not be available if you transition to Google Workspace Business Starter or Business Standard.  You can no longer choose a geographic location for your data.
    • To maintain access to these controls you should select Google Workspace Business Plus.
  • Session Length for Google services
    • These controls will not be available if you transition to Google Workspace Business Starter or Business Standard.  You can no longer control how long users can access Google services without having to sign in again.
    • To maintain access to these controls you should select transition to Google Workspace Business Plus.
  • Predefined Content Detectors
    • This feature is not available in Google Workspace Business Starter. If you use any predefined content detectors data-loss prevention, Google will remove them from any settings that use them.
    • To maintain this feature, you should select Google Workspace Business Standard or Business Plus.
  • Automated User Provisioning Applications
    • Google limits the scope of this feature in Google Workspace Business Starter. If you have more than 3 automated user provisioning applications, you must first remove automated user provisioning from all but 3 applications before downgrading.
    • To maintain this feature, you should select Google Workspace Business Standard or Business Plus.
  • Target Audiences
    • This feature is not available in Google Workspace Business Starter. You can’t recommend specific groups of people, like departments or teams, for your users to share their items with. Important: Any target audiences currently in use aren’t automatically deleted when you switch to this edition. You might want to delete them before switching.
    • To maintain this feature, you should select Google Workspace Business Standard or Business Plus.

Call To Action

Contact us or schedule time with one of our Cloud Advisors to discuss your options to best manage your transition. By default, Google will transition your G Suite account to the version of Google Workspace based on your user account and your use of the services and features listed, above. Your subscription fees may double or triple.