During the most recent Security Analyst Summit in Singapore, host Kaspersky Labs revealed that the proportion of attacks against Microsoft Office products rose to 70 percent of all recorded attempts. This represents an over 430 percent increase from 2016, according to Kaspersky. The news comes not long after several zero-day exploits were found throughout multiple Office files which Microsoft has been trying to patch.
Office 365 Bugs
Kaspersky highlighted during the presentation that many of the most harmful vulnerabilities exploited in MS Office attacks are actually found in related components and files. Hackers typically target legacy applications that carry over into modern versions, or the ubiquitous file types derived from Office programs such as Excel. The flaws in these vectors are leveraged by attackers as backdoors into the networked Office 365 suite from which they may be able to obtain privileged access.
Microsoft Office Cybercrime Ecosystem
Bugs have always existed in Microsoft Office – as they have in every program – but the popularity of its products and the transition to a cloud platform is generating an added commitment to exploiting cybersecurity gaps. Microsoft is such a huge platform that the likelihood of an Office application interacting with other systems is high. The inevitable appearance of flaws in both legacy code and new products broadens the attack surface hackers can take advantage of, especially with a brand that is effectively a household name.
Your Office 365 Data is Vulnerable
The combination of bugs, growing attack rates and a lack of widespread best practices when it comes to data backup and protection create a very real danger for your Office 365 data. Hackers exploit this confluence of factors to find security gaps in your system and proliferate malware, among other attacks methods. The modern connectivity of Microsoft products allows these malicious files to spread between applications and storage folders quietly if they are not caught in time.
Office 365 – Ransomware Target
Of all of the types of malware that can affect your Office 365 system, ransomware is one of the most potentially destructive to SMBs. Ransomware locks down all of the data in your network and causes downtime in the best-case scenario – at worst, all of your files may be lost forever.
Download our e-book on combating ransomware in your Office 365 environment to learn the best ways to protect against extortion malware.