Ransomware is one of the most important threats facing Internet users. Its rate alerts much to both companies and users. Hackers take advantage of the most popular sectors and where there are more users. One of these cases is Microsoft Office 365.
Microsoft Office 365 offers us space in the cloud, and other services such as email, calendar, etc. Cyber security professionals recommend this for business solution, but also at the user level. Microsoft Office 365 differs from its normal version in that we pay for its use on a monthly basis. Paying through the official page, we avoid paying for the software completely.
Now the ransomware affects users. One example is Cerber Ransomware, which pointed to Office 365 and flooded users’ inboxes with an Office document that invoked malware through macros. Also the WannaCry attack was designed to exploit a vulnerability of Microsoft. And now we have a new variety of ransomware, ShurL0ckr, designed to evade integrated malware protection in OneDrive and Google Drive.
To protect data within Office 365, organizations must adhere to the NIST Cybersecurity Framework, which offers guidance based on existing standards, guidelines and practices to better manage and reduce cyber security risk.
Identity management, data loss prevention, and backup and recovery are three crucial areas to evaluate within the Cybersecurity framework of NIST, especially when transferring high priority data to a SaaS application such as Office 365.
The ransomware encrypts all data and documents. It is what differentiates it from other types of malware. In return it asks for an economic rescue to release these files. Therefore, one of the data security professional’s recommendations is to create backup copies frequently. With this we manage to save our important data and, in case of being affected by a ransomware, the loss will be less.
Most of the ransomware comes through emails. That’s why experts also recommend configuring the Office 365 anti-spam protection policies. According to research by data security specialists, in most cases the users of a company are the gateway to the ransomware.
You have to make sure that users have the necessary security software to be able to deal with these types of threats, know the social engineering techniques used, etc.
Although this does not protect the ransomware by itself, it is a measure of data security to be taken into account. This allows us, in addition to entering the password, to enter credentials through a call, message or some notification. It is important to prevent them from accessing our accounts.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.