Microsoft’s Office 365 has become the latest ransomware victim – By Bob Milliken

0
295
Bob Milliken
Bob Milliken

The Internet is a powerful platform and I think it’s fair to say that for the vast majority of us it has become an integral part of our daily lives. It brings people together on a global level and provides access to a wealth of information anytime we please. But, with the good, comes the bad. We all know the good – but sadly some utilize their skills to commit cybercrimes.

Case in point, the recent worldwide zero-day ransomware virus called CERBER attacked millions of Microsoft’s Office 365 mail program users.

Steven Toole, a researcher for the cloud-security firm Avanan, told us that at least 57 percent of all Microsoft Office 365 customers on Avanan’s platform received at least one phishing attempt that contained the infected attachment. According to reports, it took Microsoft over 24 hours to detect the attachment and block it on incoming mail.

Microsoft reports that there are over 18.2 million Office 365 subscribers worldwide.  The Cyber attacker charged 1.4 bitcoins ($500 US) to undo the encryption and return the data to the user. Yikes!  That’s a lot of BitCoin that may have changed hands. Is it little wonder then that CyberCrime is such big business?

The point is Office 365 was compromised, regardless of how quickly it was detected, and many people were asked for a ransom and were told that their files have already been encrypted. Still wanting to come across as polite, the ransom came with an audio recording that detailed what the attack was and what measures must be taken in order to regain access to the files.

Toole noted that “This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year,” He also added that “As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.”.

This proves that cyber criminals go to great lengths to not only use their tools but to improve on them and eliminate flaws. So no matter how many firewalls, passwords or fire-breathing dragons you have to guard your servers and networks, without the right network security measures in place, chances are they’ll manage to find a way to overcome the hurdles and wreak whatever havoc they can.

Network security isn’t something to be taken lightly. If you are unsure about how safe or how capable your systems are in fending off cyber threats – get in touch with us. We are computer network security experts and can help you with any ransomware or security-related issue you may have.

Bob Milliken is the TheITguy@CascadiaSystemsGroup.com specializing in helping businesses with their IT needs and is the partner your company needs to take full advantage of everything that Cloud Computing has to offer.Connect with him at 604.270.1730.