Guard against cyberattacks on Microsoft 365

Microsoft 365 (formerly known as Office 365) enjoys the confidence of millions of users around the world. It is a staple software in most people's everyday working lives and even more so now due to Covid-19.

When it comes to remote working, Microsoft 365 is the perfect all-inclusive software that provides ease of use in the cloud, ability to deliver instant access to files from anywhere and on multiple devices... the list goes on.

However, it's popularity as one of the most high profile 'work-from-anywhere' tools in the current climate makes it a perfect target for cybercrime. The biggest challenge when it comes to cyberattacks is keeping one step ahead of the increasingly ingenious attempts to infiltrate devices that we are now relying on to work collaboratively, whilst outside of our usual corporate security perimeter. For businesses already struggling to adopt new technology, this could be another IT Support nightmare.

Cybercriminals are ready to exploit these flaws, at any chance they get. They are not only targeting sensitive information, but using compromised Microsoft 365 accounts to impersonate the legitimate owner by using phishing attacks, to gain insight into important company information and to manipulate money transfers.

So, what can you do to protect not only yourself, but your company too?

Change working practices:

Due to Covid-19, numerous organisations have asked their teams to work remotely as much as they can. These remote workers are now relying heavily on Microsoft 365, using Teams to stay in contact with their colleagues or Outlook to communicate with their customers. The main concern is not the data stored in the cloud, but more so the devices that we work from (e.g. home-based computers, personal laptops and tablets, and even smartphones). These devices, which are all too often vulnerable to cyber attacks, are now accessing and processing company data on a daily basis.

Investing in an anti-virus package will offer some much needed endpoint protection. However, it is important to note that cyber security training can be just as effective in preventing cyber attacks.

Key logging and screen capture:

Two particular threats that are posed to endpoints are Key Logging and Screen Capture, even if both are protected by anti-virus software. If key logging malware infiltrates the device, any keys that are typed in applications such as Microsoft Word or Powerpoint, for example, are instantly visible or trackable by the cyber attackers. Not only this, but if screen capture malware infiltrates the device, screenshots will be taken every 5 seconds or so, without your knowledge, compromising sensitive documents.

It is evidently more important than ever to ensure your devices have the best anti-virus and cyber security measures in place to avoid these types of malware infiltrating said devices and compromising sensitive personal and company data.

The interactive malware hunting service, Any.Run, identified the following top ten threats to endpoint security:

- Emotet

- Agent Tesla

- NanoCare

- LokiBot

- Ursnif

- FormBook

- Hawkeye

- AZORult

- TrickBot

- njRAT

All of the above malware threats harvest keystrokes entered by the user on the endpoint device and use techniques to evade Windows Defender and other standard anti-virus products.

So, what can help?

It is important to develop a thorough strategy that extends the corporate security perimeter to each individual team member, no matter where they are working or what devices they are using to do so. All types of software and applications have their vulnerabilities that cyber attackers will try to target, but you can prevent them from being successful by investing in the right security strategy for your organisation.

The One Point are an award-winning, ISO 27001 and Cyber Essentials Plus Certified, Managed Technology Provider that can assist in putting together the right security strategy for you. Talk to a member of our team today on 01482 420 150 for more information.