Microsoft Office 365 software forms an integral part of any modern business, but due to its market dominance, particularly emails, it has become a preferred attack method for professional hackers. Microsoft is constantly updating their platform security and providing IT professionals with additional tools to combat the sophisticated attacks.
How are the hackers accessing Microsoft Office 365?
Traditionally, Office 365 email security is based on complex password policies and regular password rotation, Microsoft enabled two-factor activations (2FA), and Microsoft Exchange online protection (EOP).
You would think that would be enough!
However, the focus for professional hackers is on social engineering, encouraging the end user to logon to a website that appears to be a genuine Microsoft page, and entering their username and password. Using this method, the 2FA is bypassed by stealing the users session token and gaining access to their Office 365 email account. Sometimes the account is simply monitored by the hacker who creates outlook rules for emails, allowing the hacker to impersonate the account holder. There are even more advanced attacks involving third party software integrating with the users email account directly.
A few years ago, Multifactor Authentication was seen as the silver bullet when it came to securing access but now the hackers have even worked around this. It is difficult, but it’s not impossible.
New Added Microsoft Office 365 Security.
With these attacks Microsoft has lifted their security recommendations for the Office 365 platform:
- Conditional access policies based on device / device compliance and the device location.
- Long passwords with no rotation, such as phrases with a minimum of 16 characters
- Defender for Office 365 – cloud-based email protection for your exchange server
- Password (Less) Authentication – secondary login using Fingerprint / Authenticator App / unique device password.
- Mobile device management.
These new standards form part of the cyber-security best practice outlined by the Australian Signals Directorate (ASD) in the “Essential Eight Maturity Model”. The Essential Eight Maturity Model is based on ASD’s experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing and assisting organisations to implement the Essential Eight.
Speak to an expert who can help implement the Essential Eight and protect your business from professional hackers.
Talk to Jason Drew from Secom Technology Group – Ph: 1300 781 224