Cloud Users Suffered up to Seven Malicious Account Takeovers

0

Vectra AI, has released a survey of 1,112 security professionals working in mid to large sized organisations using Microsoft Office 365. The results confirm that the COVID-19 pandemic has accelerated cloud migration and digital transformation among 88% of companies and that 71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user’s account, not once, but on average seven times in the last year.

The fact that three in four companies have experienced malicious account takeover attacks may explain why over 60% of Asia Pacific respondents believe the gap between the capabilities of attackers and defenders is widening.

The challenges faced by defenders also mirror findings of the last Spotlight Report which tracked the behaviour of four million Microsoft Office 365 customers over 90 days. Account takeovers were on the top of the list of methods used by attackers to move laterally between the cloud and network. The report also found that 71% of customers showed suspicious Office 365 Power Automate behaviors.

Chris Fisher, Director of Security Engineering APJ for Vectra says, “One hundred percent of ANZ survey respondents indicated their organisation’s cybersecurity risk had increased in the last 12 months to February 2021. As a result of increased Microsoft Office 365 usage during COVID-19, their main security concern is now the risk of data being comprised and the ability for hackers to hide their tracks by using legitimate Microsoft tools, such as Power Automate and e-Discovery.”

In terms of 2021 threats, 45% of ANZ respondents expect to see a steep acceleration in cloud-based attacks. When it comes to improving their security posture in 2021, more than half of ANZ survey respondents are focusing on more proactive threat hunting

Vectra’s survey also revealed a high level of confidence among security teams in the effectiveness of their own company’s security measures: nearly four in five claim to have ‘good’ or ‘very good’ visibility into attacks that bypass perimeter defences like firewalls. However, the combined number one priority tool for investment within these companies is NDR (Network Detection and Response) followed by EDR (Endpoint Detection and Response) to help bolster their defenses.

How security professionals are currently allocating their focus was also reflected in Vectra’s survey which found about 20% of team time is being spent on reactive investigations with a similar amount on proactive investigations.

“Not surprisingly, stress levels have increased among APAC respondents because of COVID-19,” says Fisher. “The biggest frustration for those with security solutions appears to be a lack of integration with other solutions and the amount of time needed to manage them.”

Fisher says cyber threats left unidentified can have huge financial and reputation repercussions as more attackers seek to exploit ongoing COVID-19 challenges across industries.  “Entities need to focus on their networks and maintain good cyber hygiene to drive down the noise coming into security operation centres. How quickly an entity responds to a breach and identifies the attacks quickly and effectively will determine who succeeds in this fast-changing time,” Fisher comments.

“Vectra delivers a demonstrably powerful enabler for security teams to achieve more, in compressed timeframes and ultimately protect and reduce business risk for their organisation,” said Fisher. “The tremendous value of our AI-driven NDR platform, which combines advanced machine learning algorithms and insightful threat research, is evident in our growing number of new customers in the Asia Pacific region.

Other key findings from the report include:

  • IoT/Connected devices and identity-based attacks are the top two security concerns for 2021
  • 58% of businesses plan to invest more money in people and technology and 52% will invest in AI and automation in 2021
  • The biggest frustration with existing security solutions is the amount of time needed to manage them
  • The best thing about their roles as security professionals is the satisfaction of stopping attacks and protecting their companies, whilst frustration at end user’s lack of understanding of cyber security remains the biggest frustration.

Download the full findings of the research here.

Share.

Comments are closed.