Blog

Office 365 in the Crosshairs of Cybercriminals

By September 18, 2018 No Comments
office-365-security-protection

This will not have escaped anyone, the digital environments of companies are constantly evolving. A new generation of more intuitive, ergonomic and efficient solutions is attracting companies looking for digital transformation and competitiveness.

With Office 365 , Microsoft now offers a complete package including the office suite, an online storage service, and a collaborative management tool. You can also add other tools like a VOIP phone tool.

These tools totally dedicated to efficiency and collaboration have been booming since 2007. Unfortunately, attackers are never far away especially when it comes to attacking the market leaders. No more accounts to hack and therefore more financial gains in prospect.

A reinforced but insufficient level of protection

In addition to the features described above, the Office 365 solution includes a centralized authentication layer that allows users to seamlessly connect to all their favorite applications, from their Airbnb account, to their Uber app, to their Xbox game console. This means that with a pair of identifiers, the user is able to connect to all his applications.

The moral of the story is very simple: if an attacker succeeds in stealing a user’s credentials, he then wins the Holy Grail. The theft of identifiers will allow him not only to access the digital universe of the user but also to the data of the company. The challenge is then set for the attackers and it’s a festival. Since June 2016 there have been a plethora of attacks ranging from phishing attacks to ransomware. In June 2016, a wave of ransomware called “Cerber” hit the users of Office 365. 57% of users would have received an email containing this ransomware.

A common point? The vector of attack is often the same: the mail. 91% of cyber attacks use e-mail as a vector of infection. The mistake would be to think that new uses around instant messengers would change the situation, it is rather the opposite that occurs. According to a study by Radicati, the email remains the preferred means of communication in the world largely ahead of others.

The level of protection must be adapted to cloud platforms and new threats: the Gartner recommendations 

If the firm Microsoft has bet on the user and its uses with Office 365, it has not neglected the security. In fact, the Gartner even believes that a cloud solution today can be better protected with an internal solution (“on-premise”). This is due to the fact that the cloud platform manages version upgrades and potential internet security vulnerabilities through its dedicated internal teams. This saves companies time and resources and reduces their risks. Although many e-mail security solutions are available today and most protect against the majority of threats, they are not devoid of flaws.

The difficulty of email protection lies in the evolving nature of threats. Typical solutions often focus on the origin of threats (reputation of IP addresses), as well as their content. However, cyber-criminals have developed social engineering mechanisms with the creation of complex and realistic attack scenarios based on real data disseminated by employees on social networks. These attack mechanisms are deployed in short waves and low volumes, in order to test the capacity of the protection filter to detect the attack, characteristics that make them much more difficult to detect. Increasingly sophisticated, they bypass the mechanisms of protection of the mail based on signatures and reputation. The attacks have become agile and intelligent.

This is the reason that prompts today Gartner analysts advise adopting a more effective strategy for cybersecurity completing this offer third-party security tools, integrated ecosystem Office 365, especially for the protection and control of emails  : “We recommend to fill the gaps in the email protection functions of the gateways of protection by adding to them a product of evaluation of the context of the threat …  ”

Using APIs to enhance Office 365 security

As you can see, Gartner analysts advise diversifying its range of solutions and using non-Microsoft specialized tools to maintain security. According to them, in 2020, 50% of organizations that use Office in Software-as-a-Service (SaaS) mode will enhance security with tools from third-party vendors.

Rather than just protecting the publisher’s cloud, they are more likely to deploy anti-spam, malware scan, and sandboxing capabilities to enforce proactive protection.

Recommendations all the easier to implement as Microsoft offers APIs allowing a simplified integration to the platform with complementary functionalities. Well-used, these APIs allow third-party solutions to work seamlessly for the user within the Office 365 solution, without interrupting email flow and without distributing discovery data out of the Microsoft Azure platform. Some features of data protection(Enterprise Data Protection or “EDP”) and to fight against targeted attacks like ”  Advanced Threat Protection »Block the most sophisticated attacks and filter incoming, outgoing, and intra-enterprise flows. Indeed, 95% of intrusions on the corporate network are the result of a spear phishing campaign, according to the SANS Institute.

In addition, these solutions based on artificial intelligence algorithms can identify and block unknown threats called 0-day attack or 0 hours attack.

Based on a knowledge of international email traffic, these technologies have the capacity to anticipate an attack.

Based on the behavior and context of the exchange, artificial intelligence algorithms have the ability to adapt and adopt predictive filtering by blocking, for example, an IP or block of addresses, and creating automatically temporary rules.

What are you waiting for? Give us a call today, and let’s discuss how Office 365 can grow your business!