Specialist insurer Beazley has reported that cloud-based office solutions are coming under increasing attack from cyber-criminals. The majority of incidents involving compromised business email accounts reported to the Beazley Breach Response (BBR) Services team during the first quarter of 2018 involved organizations using cloud-based programs, a sharp increase over the previous quarter. The three sectors most affected were financial services, healthcare and professional services.
More and more organizations are turning to cloud-based solutions but, when a business email account is hacked, they find that the system’s default settings are inadequate to show the extent to which emails have been compromised.
These incidents are usually caused by an employee clicking on a link in a phishing email, HelpDesk message, or Microsoft survey. After clicking on the link, the employee is redirected to a legitimate-looking website and asked for email credentials. This hands genuine credentials to the cyber-criminal, who can then log in to the account undetected. Once in the chain of communication, the cyber-criminal can provide fraudulent instructions to divert and steal payments made by or to the organization, or access personally identifiable information.
The compromised credentials may also allow the cyber-criminal to access other data and, if the organization uses cloud-based OneDrive storage, the cyber-criminal will have access to all files the employee can access.
Katherine Keefe, global head of Beazley Breach Response Services, said: “The number of compromised email accounts is accelerating but simple steps such as frequently changing passwords, having dual-factor authentication and removing auto-forwarding or auto-delete rules can help reduce vulnerabilities. With privacy regulations becoming more stringent and the public demanding greater accountability for their personal data, it is more important than ever for organizations to secure their lines of defense.”