Microsoft’s Office 365 platform is being subjected to a “massive attack” by a nasty piece of ransomware dubbed Cerber.
The warning, from security specialists Avanan comes after Office 365 celebrated its fifth birthday this week. That milestone prompted security experts to warn of the growing risks associated with the popular cloud service.
Microsoft meanwhile said this particular ransomware attack was not “specific to Office 365” and the attack had been “blocked within hours.”
“Starting June 22 at 6:44 a.m. UTC, Avanan’s Cloud Security Platform started to detect a massive attack against its customers that were using Office 365,” Toole said.
“The attack included a very nasty ransomware virus called Cerber, which was spread through email and encrypted users’ files. Once encrypted, Cerber demanded a ransom be paid in order to regain access to the user’s documents, photos and files.”
The virus even played an audio file warning that the computer’s files have been locked.
“While difficult to precisely measure how many users got infected, Avanan estimates that roughly 57 percent of organisations using Office 365 received at least one copy of the malware into one of their corporate mailboxes during the time of the attack,” added Toole.
“This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year. As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.
“Many users of cloud email programs believe they ‘outsourced’ everything to Microsoft or Google, including security,” said Gil Friedrich, CEO of Avanan. “The reality is that hackers first make sure their malware bypasses major cloud email providers’ security measures, and so most new malware goes through cloud email programs undetected.
“We are continuing to see a significant increase in the complexity of malware targeting business networks, and this attack is an excellent example,” said Nathan Shuchami, head of threat prevention, Check Point. “By utilising several exploit kits, it was able to bypass traditional sandboxes. It also speaks to the effort hackers are putting into creating new zero-day attacks and the challenges businesses face in securing their networks against cybercriminals.”
The growing threat against cloud services such as Office 365 has not gone unnoticed by Microsoft. The company has previously reacted quickly to threats, as and when it detects them.
Indeed, Microsoft responded to TechweekEurope and insisted that this particular attack was not specific to Office 365 and confirmed it had moved quickly to halt the attack “within hours”.
“Office 365 malware protection identified the attack and was updated to block it within hours of its origination on June 22,” a Microsoft spokesperson told TechweekEurope. “Our investigations have found that this attack is not specific to Office 365 and only a small percentage of Office 365 customers were targeted.”
Earlier this month Redmond said it would boost the security of enterprise deployments of Office 365 with Advanced Security Management, a suite of tools that offers admins threat detection, policy making tools and insights into how the software is being used.
This, Microsoft said, would help protect corporate environments and help IT departments maximise their resources by seeing what how Office 365 is being used and which applications are interacting with it.
Are you a security pro? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
How long are we going to have to wait till Bitcoins and the like are brought under control? - This type of crime can only occur (effectively) by allowing untraceable currency to exist and be accessible from the mainstream (victims have to be able to pay).
What are law enforcements doing about it - absolutely as little as possible it appears, yet this is a serious crime with more than just money being stolen.