Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Corporate email servers remain hackers' favorite target

Image Description

Attacks against Microsoft 365 Exchange Online systems is the number one threat for businesses of all sizes, according to a new report.  

Conducted by cybersecurity company Vectra AI, the research identifies the top ten threats that impacted its customers across Microsoft 365 and Microsoft's cloud-based identity and access management (IAM) solution, Azure Active Directory (AD).

Vectra tracked the top threats across small, medium, and large businesses to find any correlations between the threats and the size of the business. It calculated the relative frequency of threat detections that were triggered during a three-month period.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Regardless of the size of the business, threats against Exchange Online were at or near the top for all of them, which Vectra argues may indicate that attackers are constantly trying to manipulate Exchange to gain access to specific data or further attack progression.

Detection similarities

From its research, Vectra discovered that larger businesses triggered less number of detections.

“This general trend of larger companies triggering fewer detections when compared to smaller companies tells us that the large companies’ users and administrators may perform Office 365 and Azure AD activity more consistently compared to smaller organizations,” suggests Vectra.

The research also revealed that Azure AD suspicious operations, which might be an indication of attackers trying to escalate privileges to perform admin-level tasks, are the next most common threat for small and medium-sized businesses. Surprisingly, this threat doesn’t feature in the top ten threat for large businesses.

Vectra suggests that a number of these threat detections represent activities that provide ease of use, collaboration with external parties, and provisioning of administrative access to the Azure AD environment, which also provides means for attackers to compromise the service.

Date

19 May 2021

Sources


Share


Other Blog

  • Going digital was crucial to the survival of most SMBs during the pandemic

    SMBs adopted digital-first technologies that not only helped them survive the pandemic but also allowed them to grow their businesses.

    Read More
  • Even Google's toughest security tools can't protect from this flaw

    Security keys from Google and Yubico could face attack from hackers.

    Read More
  • SonicWall hacked through flaw in its VPN service

    SonicWall has warned customers that a zero-day vulnerability has been found affecting several of its VPN products.

    Read More
  • Financing the hybrid workplace of tomorrow

    The future of work is here, but do you finance it? Matt Valentine, Director at Aruba UK&I discusses the challenges.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us