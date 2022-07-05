Recently, it was discovered that a feature of the package Microsoft Office 365 can help malicious people access files stored on SharePoint and OneDrive. Thus, hackers can launch attacks on cloud infrastructure.

What are the consequences of these attacks?

Basically, the cloud ransomware attack allows malware to drop into files to encrypt files stored on SharePoint and OneDrive. As a result, they can become unrecoverable, without the possibility of dedicated backups or even an attacker’s decryption key. Basically, user data can be hijacked through encryption.

By accessing the account, an attacker can create many versions of a file or even reduce a document library’s version limit to a low number. It then proceeds to encrypt each file twice. Therefore, all original versions are lost, leaving only those altered by hackers in the cloud account. Thus, they end up asking for a ransom from the companies so that the files can be recovered.

Microsoft’s response

According to Microsoft, older versions of files can potentially be recovered and restored for more than 14 days through Microsoft Support. In addition, the company highlighted that by adopting safe computing practices, such as opening internet links with caution and avoiding attachments of unknown files, it is very likely that the user will not face this problem.

Microsoft even pointed to a feature called “One Drive ransomware detection,” which notifies users of the package of a potential attack and allows victims to restore their files. Still, cybersecurity experts indicate that some measures are needed, such as adopting a strong password policy, preventing large-scale downloads to unmanaged devices, and requiring multi-factor authentication.