Microsoft Office 365 users have become the main target of attacks for credential theft and unauthorized access to systems: confirmation appears in the responses of the 1,112 cybersecurity professionals interviewed for the survey “Office 365 User Survey: IT Security Changes Amidst the Pandemic ”, published by the artificial intelligence company Vectra AI. The results say that in 71% of MS Office 365 deployments in medium and large companies there were up to seven legitimate user account appropriations in the last 12 months.
Only one in three security professionals, according to the document, believes that he could immediately identify and stop an account control attack; most assume that it would take days or even weeks to intercept the breach. These challenges faced by blue teams also reflect the conclusions of the last Spotlight Report, also ad Vectra AI, which tracked the behavior of four million Microsoft Office 365 customers over 90 days. The study indicates that 96% of networks exhibited suspicious lateral movement behavior and that account thefts were at the top of the list of methods used by attackers to move laterally between the cloud and the network. Other research findings for 2021:
- IoT / connected devices and identity-based attacks are the two main concerns
- 58% of companies plan to invest more money in people and technology
- 52% will invest in AI and automation
- The biggest frustration with security solutions is the time it takes to manage them
- The best thing about your roles as security professionals is the satisfaction of stopping attacks and protecting your companies.
- Their biggest frustration is the end user’s lack of understanding of cybersecurity
Despite the recognized risk, the research shows that there is a high level of confidence among security teams in the effectiveness of the measures adopted by their own companies: almost 80% say they have good or very good visibility of the attacks that circumvent the perimeter defenses, such as firewalls. Still, there is an interesting contrast of opinions between management-level respondents and field professionals, such as Security Operations Center (SOC) analysts. Managers exhibit much more confidence in their defensive skills. Overall, the main security concerns cited by Microsoft Office 365 customers are the risk of compromising data kept in the cloud, the risk of account control, and the ability of hackers to use real attacks to hide their tracks.
With international agencies
See the original post at: https://www.cisoadvisor.com.br/furto-de-identidades-do-office-365-em-71-das-implantacoes/?rand=59039