Do you have an Office 365 email account? If so, it seems your chances of being attacked by cyber criminals are on the rise.
That’s the verdict of new data released today by specialist insurer Beazley, which highlighted that emails accounted for 23% of incidents reported to its breach response services team during the second quarter of the year – and that organisations using Office 365 were hit the hardest.
According to its findings, attacks were broadly distributed across multiple industry sectors, but business emails were proving particularly lucrative for hackers because compromising just one account could present a platform from which to spear phish both within and outside the organisation. Costs are high too – potentially exceeding $2 million – but the good news, according to Katherine Keefe, head of BBR Services, is that they are easy to prevent. Indeed, disabling the ability of third party applications gaining access to Office 365 also reduces the likelihood of an attacker using PowerShell, a task automation and configuration management system.
“Business email compromise attacks are among the more expensive data breaches we see,” she explained. “Years of emails often need to be combed through to identify personally identifiable information or protected health information that has been compromised. In the majority of cases, multiple inboxes are compromised.”