Last week, Microsoft Office 365 users were potentially exposed to a massive zero-day Cerber ransomware attack that delivered not only a ransom note but also an audio warning indicating that the victim's files were encrypted.
Steven Toole, a researcher at the cloud-security firm Avanan, says his company saw the first attack hit at 6:44 a.m. on June 22 and that, following that, at least 57 percent of all Office 365 customers received at least one phishing attempt that contained the infected attachment. According to the first quarter of Microsoft's 2016 earnings report, there are 18.2 million Office 365 subscribers.
The twist that followed is that the ransom note was accompanied by an audio file explaining the attack and how to regain access to the files. Toole states that it took Microsoft over 24 hours to detect the attack and start blocking the attachment. The attacker asked for a ransom totaling 1.4 bitcoin, or about $500, for the decryption key.
"This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year," Toole wrote. "As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account."
Microsoft did not reply by press time to an SCMagazine.com request for further information regarding the attack.
Vorsite will continue to investigate this attack and keep you updated.
What can be done to protect against future attacks? Cyber criminals specifically test their wares to ensure they can bypass the targeted cloud services' applications and the processes put in place. "A layered defense is critical, whether that's combining multiple security tools in the cloud or beefing up endpoint protections," says Fahmida Rashid at InfoWorld. There are a number of security solutions complementary to Office 365 that will fortify organizational data against future attacks. If you control the situation, you control the result. With Cloud Backup, you have control with backup and restore services.