Blog | Vade

Email security in Office 365: strengths and weaknesses

Written by Adrien Gendre | March 14, 2018

According to an analysis conducted by IBM Security, the number of emails containing ransomware has increased 6,000% between 2016 and 2017. The risk today is greater than ever.

Email systems based in the Cloud - like Office 365 - are not spared, and are as vulnerable as any other if they do not have appropriate protection.

Thus, the Office 365 environment has been hit in 2017 by waves of Jaff and Locky ransomware attacks, as with other systems.

At the start of 2018, specific threats to the Office 365 environment appeared, such as “ShurL0ckr”, “Ransomware as a Service” platform which go undetected by Office 365’s anti-malware filters.

ShurL0ckr targets and infects OneDrive (Office 365) collaborative storage areas, encrypting the data it finds.

These sneak attacks can steal passwords, Bitcoin portfolios or software keys, launch denial of service attacks, and more. They are increasingly advanced and hard to detect. For example, they invite their future victims to open a document contained in a ZIP file and provided as an attachment, or to click on a corrupted link. The company can suffer serious consequences with only one attack. This is even more true in a centralized and collaborative environment like that of Office 365.

In truth, the entire sector must adopt stricter measures to ensure the security of their emails. An increase of 50% in ransomware attacks in the past year shows that companies are confronted with a crude struggle to protect their team members’ emails.

 Download how to protect OFFICE 365 emails

What is the level of email protection offered by Office 365?

Your company has chosen Microsoft Office 365 to protect your emails against attacks. But do you think that this is sufficient? We report below on the strengths and weaknesses of Office 365 related to email protection:

Strengths:

  • Microsoft Office 365 is one of the most popular office suites in the Cloud on the market today. It is made up of several SaaS applications developed for collaboration.
  • It provides office applications to companies, a storage and sharing solution for files, a video conference solution, as well as a professional email service based on Microsoft Exchange.
  • Notifications are sent to administrators and users if there is a suspicion of a phishing attempt.

Weaknesses:

  • Office 365 proposes 2 levels of email security options called “Exchange Online Protection” and “Advanced Threat Protection” for a protection level in the low-middle of the market, according to an SE Labs study, “Email-hosted protection” published in August 2017.
  • This same study confirms a high level of false positives for the proposed protection solutions.
  • Office 365 is, as we've shown earlier, a target of specific attacks which must be managed
  • The proposed protection systems, especially Microsoft Exchange Online Protection, do not detect Office 365 phishing and spear-phishing attacks (also known as attacks on the president or CEO impersonation frauds).
  • Due to the technologies they use, the proposed protection solutions guarantee efficacy against all known threats. But what about the new threats which were so devastating in 2017? New threats have blown through protection systems.

Download how to protect OFFICE 365 emails

How can one protect Office 365 email systems against all attacks?

As we have observed for over a year, new malware using 0-day faults (unknown to publishers and the public) can penetrate the usual email filtering mechanisms.

Classic email protection technologies, based on analysis of the reputation and fingerprinting, are no longer effective against the evolution of these threats. The only effective email security solution uses the ability to anticipate new attacks using prediction.

In order to protect Office 365 email services, the native protection system should be completed with artificial intelligence systems, the only ones which can detect all new threats from the first attack forward.