“You can run, but you can never hide!” – the singer probably had ransomware in mind. From nut and bolts ransom to double extortion threats, supply chain attacks like Kaseya’s REvil, and even Ransomware as a Service (RaaS – it exists!). Ransomware is robustly evolving to become the “most prominent malware threat” with experts estimating that a ransomware attack occured every 11 seconds in 2021 resulting in total damage costs of US$ 20 billion in 2021. But don’t run to the mountains yet, Microsoft has taken note and built efficient tools for ransomware detection and recovery. We do a deep-dive of the native and non-native options available for ransomware protection with Microsoft 365 (Office 365 rebranded).
Speak with our Cybersecurity Expert
Can Ransomware Affect Microsoft (Office) 365?
Microsoft 365 is stringently secure with zero-trust architecture, continuous security assessment, the principle of least privilege, and security awareness training for its employees. However, it cannot protect you from attacks or data loss at your end due to malware, ransomware, human error, sync issues, or malicious deletion. Email phishing is the main vector driving ransomware attacks and the ubiquitous Microsoft Office 365 email is heavily targeted. With its valuable personal and business-critical data, there have been growing reports of Microsoft Office 365 being hit by sophisticated attacks of ransomware – WannaCry, Cerber, Wickr/Hello, and others.
It takes one click on a phishing link in an email or Teams chat for ransomware to enter into your network. Once in, the ransomware can either delete, encrypt or exfiltrate Microsoft Office 365 data stored in Exchange, OneDriv