Intrusion attempts on Microsoft 365 accounts appear to be very widespread. The vast majority of companies that purchase Microsoft 365 have seen malicious attempts to take over employee accounts.
This is according to a report by cybersecurity firm Vectra, which surveyed 1112 IT decisionmakers. The company claims that 71 percent of Microsoft 365 deployments have seen takeover attempts, in some cases up to seven times. ITProPortal writes that companies found it difficult to identify or intercept the attacks. Sometimes it took days or even weeks to apply countermeasures.
Fear of losing access
The biggest fear among companies is to lose access to their accounts. Companies also fear that the data they keep in the cloud will be compromised and that hackers will use ‘living off the land’ attacks to disguise their activities.
Still, companies’ security teams are generally confident about their security, claims the report. Nearly four-fifths of respondents claim they have ‘good’ or ‘very good’ visibility into attacks that manage to bypass their defences. Respondents at management level would be even more confident.
Reality is not that simple
“Senior managers invest a fortune in technology and think they’ve ticked the security box. While the investment is certainly welcome and helps us reduce risk, in reality it isn’t that simple,” said Kevin Orritt, ICT Security Manager at Greater Manchester Mental Health NHS Foundation Trust.
“We still need the people to be able to interpret and action the alerts and make sure that we’re actually measuring the right things. Attack vectors are constantly changing and security teams need to be sure they’re able to adapt to prevent, defend and mitigate an increasing array of attack vectors with security teams that are being stretched to the limits.”