JUNE 17, 2022
[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]A dangerous Office 365 functionality has been identified by Proofpoint security researchers that allow ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without a decryption key. Cloud systems are considered to be more resilient to potential ransomware attacks due to flexible data recovery and backup options. However, research shows that organizations and cloud infrastructures using cloud solutions will be targeted by ransomware attacks in the future.
The chain of attacks begins when threat actors gain access to their SharePoint Online or OneDrive accounts by seizing the identities of Microsoft users. Threat actors can follow multiple methods to access users’ SharePoint or OneDrive accounts. These methods are:
Threat actors that gain access to OneDrive or SharePoint user privileges and data in the cloud identify and discover accessible data in Office 365 environments in the next step. This attack differs from traditional ransomware activities because the encryption phase requires that every file in SharePoint Online or OneDrive is encrypted beyond the allowed versioning limit. With this method, all original versions of files stored in cloud solutions are lost, and only encrypted versions of each file remain in the cloud account. At this point, threat actors can demand ransom from the targeted institution/organization.
[/vc_column_text][vc_empty_space][/vc_column][/vc_row]
Take control of your digital security with an exclusive demo of our powerful threat management platform.