According to sources from Le Vif/L'Express, Microsoft Exchange servers installed in companies are on the front line of attacks exploiting documented vulnerabilities. This is not new: more than 60,000 servers have been attacked since early January. Why is this happening? Often a lack of knowledge, or a total lack of interest in IT security on the part of company managers, because it is all virtual and therefore not punishable. They don't see the point of paying an IT manager (a real one) to maintain the systems. "As long as it works ..." or "It's been running for 10 years without any problem, it's not going to change tomorrow ...", until the day the company files for bankruptcy because everything has gone up in smoke. That reminds me of the OVH datacenter in Strasbourg, which also went up in smoke recently!
Let's get back to the matter at hand. As we know, this type of server is quite complex, and its maintenance is no piece of cake. The time is over when the IT handyman (the one of whom we say: "(...) ah! he knows about computers") could still play with the different features of Exchange servers, run tests, configure them badly, and generally get away with it. But does the man who knows about computers know that specific configuration is needed on the connectors and in DNS (SPF, TXT, DKIM, etc.)? Does that ring a bell? Do you know the best practices for configuring and operating these servers? Not sure. But be aware that the data on them is sensitive under the GDPR (RGPD), and therefore you will be held responsible for your irresponsibility, up to the criminal level: criminal record, prison, heavy fines, bad reputation for the company. You, the handyman, hold in your hands the lives of tens or hundreds of families. And the handymen are not only the IT people in charge of the infrastructure but also the people in charge of the company (financial and general management, shareholders).
Let's be serious. You who were still doing your own car maintenance 15 or 20 years ago, would you still think of trying to tune your engine by ear? Do you deactivate the protection circuits when they kick in?