Google Workspace and Office 365
With the increasing threat of cyberattacks, it has become apparent that our customers are not adequately protected with backups. Discover how a cybercriminal can attack you and your business.
A new and little-known threat has emerged, even among cybersecurity experts. Most of us have heard of crypto viruses and ransomware, which hold our systems hostage by encrypting them and demanding a ransom for recovery. This type of virus has now evolved to target SaaS applications like Microsoft 365 and Google Workspace, and is known as “ransomcloud.”
How a Cloud Ransom Attack is Set Up
Like ransomware, ransomcloud attacks begin with a spear phishing attack. Cybercriminals target a specific person in the company, posing as Microsoft or Google. In one such attack, the cybercriminal sends an email pretending to be an automated message from Microsoft, offering a new feature. The user is prompted to click on a link and connect to their Microsoft 365 or Google Workspace account, and then grant critical administrator access permissions. Once the permissions are granted, the cybercriminal has everything they need to carry out the attack.
The cybercriminal takes full control of the victim’s Microsoft 365 or Google Workspace environment, giving them access to all contacts, emails, and the ability to send emails as the victim. They can also encrypt all of the victim’s emails, leaving them unable to view the content of existing or incoming emails. The victim is then sent a ransom demand in cryptocurrency.
Three Tips to Better Protect Yourself from Cyberattacks
For small and medium-sized enterprises, consider developing a relationship with a management/IT services firm that prioritizes and has expertise in cybersecurity. For larger companies with complex systems, work with a reputable cybersecurity firm.
Invest in educating and sensitizing your employees about cybersecurity and recognizing phishing attacks. Partner with your IT or cybersecurity firm to make sure your employees are trained and equipped to serve as your first line of defense.
Prepare for the worst by investing in other parts of the safety net, such as advanced anti-spam and backup solutions for Microsoft 365 and Google Workspace, despite the popular belief that the cloud provides automatic backups.
If you have experienced these issues or have any questions, please don’t hesitate to contact us and we will assist you in finding a solution.
The information in this article has been sourced from Maxime Provencher, a specialist at Datto.