Automated attacks against popular office applications have increased in sophistication over recent years, using variations of the usernames and passwords to compromise accounts. Office 365 and Google G-Suite account for the majority of office productivity applications used by both small and large companies. So, as you can imagine, the potential damage caused by G-Suite or Office 365 hackers can be catastrophic.
In 2019, Microsoft Office 365 accounts fell victim to a startling number of attacks. But these Office 365 hackers didn’t stop in 2019. Now, in 2021, cyberattacks are as prolific as ever.
(We also recently covered how other cyberattacks are getting trickier in this post: Phishing Schemes Getting Complex: Are You Prepared?)
Office 365 Hackers
As for the influx of Office 365 hackers and their attacks in 2019, “The affected organizations are from various industries and countries, with K-12 and higher education sectors being most vulnerable. Over 13% of successful attacks were aimed at educational institutions, and 70% of all educational institutions’ tenants experienced breaches from these IMAP-based brute force attacks,” says Proofpoint.
More than 2% of the user accounts were targeted, and that 15 in 10,000 were successfully breached. On paper, these numbers seem low, but when you consider that the attacks are all automated and take little effort, all businesses should be concerned.
The Office 365 hackers mainly aim to leverage compromised accounts for internal phishing and BEC (Business Email Compromise) man-in-the-middle attacks. Most successful attacker logins originate from Nigerian IP addresses but are initiated by China (53%) and Brazil (39%), and the United States (31%).
IMAP being the most commonly abused protocol in these attacks, the attack success rate was at 44%.
Usually, unprotected and unpatched devices on the internet are hijacked by nefarious players to initiate these attacks. These hijacked devices gained access to new tenants every 2.5 days on average during a 50-day period. That’s enough to make ANYONE nervous, let alone companies with critical information stored on these platforms.
Hackers also weaponized G-Suite in 2019, and they do this in several ways, including:
- Hosting zero-day malware on Google Drive
- Hosting malicious links on Google Drive
- Disguising malicious links with Google redirects
Anyone on the cloud is vulnerable to these attacks, whether through G-Suite, Office 365 hackers, or any other means.
So, what can you do?
Protecting Yourself from Office 365 Hackers and Beyond
CloudNexus recommends fully patching and monitoring internet-connected devices. Consider outsourcing these services if you want to not only take a lot off your own plate, but also give yourself the peace of mind that secure protection is in place for your critical data. To truly protect yourself from all angles, full cloud security includes scanning links in emails, folders, and documents, so nothing flies under the radar.
(Would you also like to learn more about the benefits of IT managed services? You’ll find a great breakdown in this post)
Password strength is also a key prevention mechanism. One of the more common passphrases includes the combination of a sports team and a year (i.e. Celtics84). These easy-to-guess passwords are loaded into password dictionary files and used in brute force attacks. Using the IMAP protocol effectively prevents automatic lockouts that allow brute force attacks to work.
How can we help?
Is your organization secure? Do you have critical data protection from both inside and outside? Find out for free with a preliminary Cybersecurity Analysis. Or, contact us today at 502-440-1380 and schedule an in-depth network vulnerability scan for free. We specialize in cybersecurity management, and you can trust you and your business are in good hands with our team.
Did you learn a lot about cyberattacks and protecting yourself in this post? Try one of these articles next:
This article about Office 365 hackers was first published in 2019, but was updated in 2021 just for you.