Wednesday, February 8, 2023
HomeMobile SEORackspace Hosted Alternate Outage On account of Safety Incident

Rackspace Hosted Alternate Outage On account of Safety Incident

Rackspace hosted Alternate suffered a catastrophic outage starting December 2, 2022 and continues to be ongoing as of 12:37 AM December 4th. Initially described as connectivity and login points, the steering was ultimately up to date to announce that they had been coping with a safety incident.

Rackspace Hosted Alternate Points

The Rackspace system went down within the early morning hours of December 2, 2022. Initially there was no phrase from Rackspace about what the issue was, a lot much less an ETA of when it could be resolved.

Clients on Twitter reported that Rackspace was not responding to assist emails.

A Rackspace buyer privately messaged me over social media on Friday to narrate their expertise:

“All hosted Alternate purchasers down over the previous 16 hours.

Unsure what number of firms that’s, but it surely’s vital.

They’re serving a 554 lengthy delay bounce so folks emailing in aren’t conscious of the bounce for a number of hours.”

The official Rackspace standing web page provided a operating replace of the outage however the preliminary posts had no info apart from there was an outage and it was being investigated.

The primary official replace was on December 2nd at 2:49 AM:

“We’re investigating a difficulty that affects our Hosted Alternate environments. Extra particulars will probably be posted as they turn out to be out there.”

13 minutes later Rackspace started calling it a “connectivity concern.”

“We’re investigating studies of connectivity points to our Alternate environments.

Customers might expertise an error upon accessing the Outlook Internet App (Webmail) and syncing their e-mail consumer(s).”

By 6:36 AM the Rackspace updates described the continuing downside as “connectivity and login points” then later that afternoon at 1:54 PM Rackspace introduced they had been nonetheless within the “investigation part” of the outage, nonetheless attempting to determine what went unsuitable.

And they had been nonetheless calling it “connectivity and login points” of their Cloud Workplace environments at 4:51 PM that afternoon.

Rackspace Recommends Migrating to Microsoft 365

4 hours later Rackspace referred to the state of affairs as a “vital failure”and started providing their prospects free Microsoft Alternate Plan 1 licenses on Microsoft 365 as a workaround till they understood the issue and will carry the system again on-line.

The official steering acknowledged:

“We skilled a major failure in our Hosted Alternate atmosphere. We proactively shut down the atmosphere to keep away from any additional points whereas we proceed work to revive service. As we proceed to work by the foundation reason for the difficulty, now we have an alternate answer that may re-activate your means to ship and obtain emails.

Without charge to you, we will probably be offering you entry to Microsoft Alternate Plan 1 licenses on Microsoft 365 till additional discover.”

Rackspace Hosted Alternate Safety Incident

It was not till practically 24 hours later at 1:57 AM on December third that Rackspace formally introduced that their hosted Alternate service was affected by a safety incident.

The announcement additional revealed that the Rackspace technicians had powered down and disconnected the Alternate atmosphere.

Rackspace posted:

“After additional evaluation, now we have decided that it is a safety incident.

The identified affect is remoted to a portion of our Hosted Alternate platform. We’re taking needed actions to guage and defend our environments.”

Twelve hours later that afternoon they up to date the standing web page with extra info that their safety crew and outdoors consultants had been nonetheless engaged on fixing the outage.

Was Rackspace Service Affected by a Vulnerability?

Rackspace has not launched particulars of the safety occasion.

A safety occasion usually entails a vulnerability and there are two extreme vulnerabilities at the moment within the wile that had been patched in November 2022.

These are the 2 most present vulnerabilities:

  • CVE-2022-41040
    Microsoft Alternate Server Server-Facet Request Forgery (SSRF) Vulnerability
    A Server Facet Request Forgery (SSRF) assault permits a hacker to learn and alter knowledge on the server.
  • CVE-2022-41082
    Microsoft Alternate Server Distant Code Execution Vulnerability
    A Distant Code Execution Vulnerability is one during which an attacker is ready to run malicious code on a server.

An advisory printed in October 2022 described the affect of the vulnerabilities:

“An authenticated distant attacker can carry out SSRF assaults to escalate privileges and execute arbtirary PowerShell code on susceptible Microsoft Alternate servers.

Because the assault is focused in opposition to Microsoft Alternate Mailbox server, the attacker can probably achieve entry to different sources by way of lateral motion into Alternate and Energetic Listing environments.”

The Rackspace outage updates haven’t indicated what the particular downside was, solely that it was a safety incident.

Essentially the most present standing replace as of December 4th acknowledged that the service continues to be down and prospects are inspired emigrate to the Microsoft 365 service.

Rackspace posted the next on December 4, 2022 at 12:37 AM:

“We proceed to make progress in addressing the incident. The supply of your service and safety of your knowledge is of excessive significance.

We’ve dedicated in depth inner sources and engaged world-class exterior experience in our efforts to reduce unfavourable impacts to prospects.”

It’s attainable that the above famous vulnerabilities are associated to the safety incident affecting the Rackspace Hosted Alternate service.

There was no announcement of whether or not buyer info has been compromised. This occasion continues to be ongoing.

Featured picture by Shutterstock/Orn Rin



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments