Currently there are about 180 million corporate customers reported by the international technology company Microsoft using their cloud service Office 365. With the end of support for Windows 7 on January 14 and the termination of support for Office 2010 in October this year, a significant increase in Microsoft Office 365 users is expected. Companies are now weighing the risks of cyber-attacks on cloud services against the technological opportunities. They are facing the choice of either storing their data in the cloud and upgrading their IT systems or being left behind by the competition of the future.

Microsoft is already countering the increasing number of cyber-attacks on Office 365 users with numerous security measures enabled to protect its customers’ important data and information from unauthorized access and insight. The main vector for malware and phishing attacks is email communication, for which Microsoft has integrated special security mechanisms. However, security experts recommend to not only rely on Microsoft’s safety measures, but to additionally secure Office 365 accounts with third-party solutions. Why? We will explain in the following blogpost.

Office 365 – ‘account hijacking’ vulnerability?

With greater flexibility, cost savings, outsourcing of storage capacity, relevant tools and the latest software available in seconds – all these factors point to the benefits of cloud computing. Already 73 percent of German companies rely on cloud services and see this as a growing market for the future. In upcoming years, other companies will no longer be able to avoid the upgrade of their systems – or they will be left behind by their competitors.

Microsoft is regarded as the major driver of the cloud movement, and has brought the world’s most widely used office suite to the cloud with Office 365. Critical and sensitive files are uploaded and exchanged daily by more than 100 million business customers in the Office Cloud … a fact that cyber-criminals are well aware of. Recently, Microsoft reported a 250 percent increase in targeted attacks on Office 365 accounts. Microsoft has already integrated some security features into Office 365 – but the question you should ask, are these measures really enough? What additional solutions can provide comprehensive security?

Die Angriffe auf Office 365-Konten steigen von Quartal zu Quartal

Attacks on Office 365 accounts increase from quarter to quarter

IT Security: What are the challenges with Office 365?

The key factor for migration to the cloud is the protection of personal data, in addition to comprehensive security, especially after implementation of GDPR. The worldwide increase in cyber-crime is placing the challenge of these factors even more clearly in focus.

Identifying an Office 365 user is very simple for an attacker, because the MX records and autodiscover entries are visible to the public online. Comprehensive security features are being implemented to prevent possible attacks from Office 365 accounts, but it must be kept in mind that the data in the cloud itself – even in the event of unauthorized access – can be accessed from anywhere. By using Office 365, an important security aspect is no longer available to companies: the firewall. If an attacker succeeds in gaining unauthorized access to an Office 365 account, all data is available to them without any restrictions.

Email communication is the main gateway for attacks

95 percent of all cyber-attacks on companies occur via email, because email is considered a central channel of communication by companies worldwide. A single mailbox often contains numerous email messages with personal data of other users, sensitive files and sometimes even internal confidential information. Attackers can enter a company’s IT directly via email without authentication. All it takes is for one user to interact with a piece of infected content or attachment that takes over the user’s account. If an administrator account has been taken over, the attacker is given the same rights as the account owner and has the opportunity to gain access to the data of all users within the company.

Office 365 Hijack Attacke

A Hijack attack specifically targeting Office 365 users

A new level of security is necessary

The focus of additional security features should primarily be on the area of email communication. It is important to secure Office 365 accounts with a third-party solution. Specialized providers hide Microsoft DNS and MX records, which means that Office 365 users are not easily identifiable to attackers and are therefore less likely to be targeted. In addition, they provide much better protection against targeted attacks on Office 365 accounts, which the attacker has successfully tested against the basic Microsoft protection mechanisms. In addition, a small number of providers allow full encryption of mailbox data stored within the cloud, which is then protects against spying even if an account hijacking was successful.

The IT market research institute Gartner predicts that this year already 50 percent of the organizations using Microsoft Office as SaaS will secure their email communication through third-party providers. 35 percent of all companies that switch to the Office 365 cloud will use such a solution from the very beginning.