The modern workforce, with its need for remote work locations and mobile applications, has certainly been good for productivity, but it has also opened new doors for hackers. Malicious attackers are always looking for new opportunities to compromise your data, but because Office 365 is an essential business tool, hackers have seen it as an effortless means of gaining access to company networks. Recent O365 brute force attacks against multiple Fortune 2,000 organizations highlight the ingenuity of attackers and the need to address the vulnerability of Office 365.
What Is a Brute Force Attack?
A brute force attack occurs when hackers use automated scripts to cycle through as many attempts as possible to crack someone’s password. While cloud service providers are ever on the lookout for brute force attacks, the concerted effort against Office 365 has been causing the most issues lately. Hackers, to remain undetected, have been attempting to fly under the radar with their attacks, exploiting user accounts and passwords obtained from earlier breaches suffered by Dropbox and LinkedIn.
Knowing that some people use the same password on multiple accounts, hackers slowly and methodically try every conceivable email and password combination, in the hopes of finding one that lets them in. All it takes is one person reusing the same password and username on more than one site to give hackers access, which is why hackers have generally been successful. In the last attack, there were 100,000 failed logins from 67 different IP addresses and 12 different networks. This demonstrates a coordinated effort against high-value targets in a strategic manner that avoided detection, also suggesting that hackers already had access to some personal information.
Username–Password Authentication is Not Enough
Many businesses continue to rely on username-password authentication for login purposes, but given current cybersecurity threats, that is no longer adequate. An organization’s security infrastructure must involve multi-factor authentication, due to attacks stemming largely as a result of weak identity security and phishing email scams.
Although current versions of Office 365 support basic two-factor authentication, older Microsoft clients and third-party email applications do not have this feature. Furthermore, multi-factor authentication must be manually activated and updated. It is critical for all businesses to take the steps necessary to protect their sensitive data linked to Office 365.
What You Can Do
- Use built-in security features – Although built-in features aren’t always enough to prevent malicious attacks, they do provide an added layer that can boost overall security. Office 365 is equipped with an intuitive junk-mail filter that can help distinguish between spam, phishing, and legitimate emails. You can also upgrade to Advanced Threat Protection, which is an extension of an Office 365 subscription.
- Upgrade your system – Make sure that your security system, as well as your Office 365 subscription, is up to date. Failure to install an update can leave your cyber doors wide open.
- Disable email hyperlinks – This option is not the most user-friendly, but it can be effective. Disabling links within an email can reject a hacker’s attempt to bury a false URL.
- Educate users – Human error is the crux of most successful phishing attacks. Educate your employees and clients on how to identify phishing attempts, and you can prevent a major breach in your systems.
The ITeam supports all of your Office 365 needs and partners with you to make sure you can make the transition and manage the service effectively. Because of the risk these O365 brute force attacks represent, we now require our clients using RDP implement multifactor authentication with O365. To learn more about our Microsoft O365 services, visit https://www.theiteam.ca/office-365/ or contact us.