Scoop has an Ethical Paywall
Work smarter with a Pro licence Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Vectra Security Research Identifies How Cyberattackers Use Microsoft Office 365 Tools To Steal Data

Australia & New Zealand, Oct. 14, 2020 Vectra®, a leader in network threat detection and response (NDR), today released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

Attacks that target software-as-a-service (SaaS) user accounts are one of the fastest-growing and most prevalent problems for organisations, even before COVID-19 forced the vast and rapid shift to remote work. With many organisations increasing their cloud software usage, Microsoft has dominated the productivity space, with more than 250 million active users each month. Office 365 is the foundation of enterprise data sharing, storage, and communication for many of those users, making it an incredibly rich treasure trove for attackers.

“Within the new work-from-home paradigm, user account takeover in Office 365 is the most effective way for an attacker to move laterally inside an organisation’s network.” said Chris Fisher, Director of Security Engineering at Vectra. “We have seen this kind of account takeover ultimately cause the loss of personal data from organisations in Australia in recent months. Attackers will continue to exploit human behaviours, social engineering, and identity theft to establish a foothold and to steal data in every type of organisation.”

Advertisement - scroll to continue reading

Are you getting our free newsletter?

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.

Even with the increasing adoption of security postures to protect user accounts such as multifactor authentication (MFA), 40 percent of organisations still suffer from Office 365 breaches, leading to massive financial and reputational losses. In a recent study, analyst firm Forrester Research put the cost of account takeovers at US$6.5 billion to US$7 billion in annual losses across multiple industries.

Highlights from the Vectra 2020 Spotlight Report on Office 365 include:

  • 96 percent of customers sampled exhibited lateral movement behaviours
  • 71 percent of customers sampled exhibited suspicious Office 365 Power Automate behaviours
  • 56 percent of customers sampled exhibited suspicious Office 365 eDiscovery behaviours

The report is based on the participation of 4 million Microsoft Office 365 accounts monitored by Vectra from June-August 2020, representing the first 90 days of market availability for the company’s SaaS product, Cognito Detect™ for Office 365.

Click here to download the Vectra 2020 Spotlight Report on Office 365. Read our companion blog here.

About Vectra
Vectra® is a leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. For more information, visit vectra.ai.

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.