Recently, it was discovered that a feature of the package Microsoft Office 365 can help malicious people access files stored in SharePoint and OneDrive. That way, hackers can launch attacks on cloud infrastructure.
Read more: Digital wallets allow your data to be stolen through Gmail
see more
Replaced by ChatGPT at work, woman spends three months…
Towards artificial intelligence: Apple plans to integrate chatbot in…
What are the consequences of these attacks?
Basically, cloud ransomware attack allows file-based malware to encrypt files stored on SharePoint and OneDrive. As a result, they could be left unrecoverable without the possibility of dedicated backups or even an attacker's decryption key. Basically, user data can be hijacked through encryption.
By accessing the account, the attacker could create too many versions of a file or even lower the version limit of a document library to a low number. It then proceeds to encrypt each file twice. Soon, all original versions are lost, leaving only those altered by hackers in the cloud account. Thus, they end up asking for a ransom from the companies so that the files can be recovered.
Microsoft's response
According to Microsoft, older versions of files can potentially be recovered and restored for more than 14 days through Microsoft Support. In addition, the company highlighted that by adopting safe computing practices, such as opening internet links with caution and avoid unknown file attachments, it is very likely that the user will not face this problem.
Microsoft even pointed to a feature called "One Drive ransomware detection", which notifies users of the package of a potential attack and allows victims to restore their files. Still, cybersecurity experts indicate that some measures are necessary, such as the adoption of a policy strong password, prevent large-scale downloads to unmanaged devices, and require multiple authentication factors.
