Sophisticated O365 cyber attacks underline need for third-party backup

Sophisticated O365 cyber attacks underline need for third-party backup

posted in Uncategorized @en-gb ● 17 Dec 2019

O365 Cyber Attacks

Sophisticated O365 cyber attacks underline need for third-party backup

Reading, 17 December 2019 – Office 365 is a prime target for cyber criminals – and it’s not difficult to understand why O365 cyber attacks are more frequent when Microsoft announced this year that it has more than 180m active commercial users every month.

According to IDC research, 69.2% of organisations have fallen victim to a malware attack within the past 12 months.

Many organisations take a long time to learn about breaches and respond to them, making them even more vulnerable to hackers, who are becoming more sophisticated and creative in their approach.

Many of us are used to seeing the occasional fake email purporting to be from a bank or service provider.

Not so obvious, though, are the phishing tactics used to trick O365 users into handing over their account credentials.

Sneakier cyber-criminals will now try to mimic a meeting request from your boss, or from Microsoft itself, but the link will go to a fake Microsoft Outlook sign-in page that steals the credentials you enter.

Others pretend to be a non-delivery notification from an O365 email account that prompts users to ‘send again’. The user is fooled into clicking through to a phishing site that looks identical to the O365 email login screen.

Most of us know it is unwise to download documents sent from unfamiliar or suspicious-looking sources, but cybercriminals are now injecting malware simply when a user previews a document.

The Office Preview process doesn’t check if the source of the document is trustworthy before generating a preview, and criminals are taking advantage of this.

Users responsible for vast majority of data loss and O365 Cyber Attacks

Cyber-crime is not the only cause for concern, though, as the vast majority of O365 data loss in an organisation is down to end users.

This can come in the form of accidental deletion or overwriting of information, malicious deletion of data by a disgruntled employee or corruption while syncing a file.

There is nothing to protect you from an employee seeking to remove evidence of potential misconduct or malpractice.

Office 365 cannot distinguish between a malicious employee deleting critical files and another employee deleting unneeded items – and very little can be done to get that information back once it is gone.

This is particularly worrying given the employee governance that almost all organisations have to comply with.

There is also no provision for reverting a mailbox server to an earlier point in time, should a virus attack corrupt your information.

Such data loss can be very costly as it can disrupt business activity and damage reputations.

On top of this, many organisations have industry-specific regulation governing data retention and other data protection specifics, so document deletion would result in failure to comply.

That is why it is essential that organisations do not rely solely on native O365 protection to recover data and at the very least consider a third-party backup when Office 365 is implemented.

IT teams have ultimate responsibility for data protection

Ultimate responsibility for data protection lies with the data owner. That invariably means the head of the IT team.

The answer is to make software-as-a-service data protection a boardroom priority, especially at a time when it is entering the IT fiercely and definitively.

Whether you have challenges over managing Office 365 content or very real concerns about how well Microsoft might recover your business-critical data in the event of a security issue, Redstor has you covered.

See how protecting OneDrive, SharePoint and Exchange in Redstor’s cloud allows you to retain full control of your data and why it’s vital for compliance purposes. Don’t be caught out by O365 Cyber Attacks with help from Redstor.

See the future of data management. Now.

Watch our product demos to find out more about our solution.

Benefits of Automated Data Management

7 Reasons to back up G Suite using a third party

With new critical data being generated across G Suite, IT teams need to consider how they back up G Suite data and ensure against data loss or corruption.

Continue reading
Benefits of Automated Data Management

7 pay-offs one-stop data management gives MSPs

The Covid-19 pandemic has forced many managed service providers to seek faster, easier and more scalable ways to manage their customers’ data.

Continue reading

POPIA makes SA CEOs more accountable

Following a three-month delay due to coronavirus – and more than seven years after its enactment – the Protection of Personal Information (POPI) Act has finally come into force. 

Continue reading