img-expertise

skillfulness by virtue of possessing a special knowledge

Hack acknowledged on Microsoft 365



What happened ?

According to ABC News, globally users of Microsoft 365 noticed rolling outages and disruptions to their email, Office software (Word, Excel, Outlook, etc), Teams communications and other Azure-based system in June 2023.

While originally holding their cards close to their chest, Microsoft eventually admitted that they had suffered a hack on their Microsoft 365 platform, it lasted for at least one week.

The hack was a Denial of Service (“DoS”) attack which, as the name suggests, is when a hacker undertakes activities which result in systems being overloaded with requests and, eventually, crashing. DoS attacks are often used as a part of or as a precursor to Dictionary attacks, whereby a hacker automatically tries countless (many millions) logon attempts using potentially known user names (ie - email addresses) and combinations of commonly used passwords.

There is no suggestion that this particular hacking event was specifically a Dictionary attack.



What does it mean to me ?

This is just another example of a leading global IT company having their security breached. These breaches will continue to occur and will likely increase in regularity. Artificial Intelligence (“AI”) is going to be a game changer for the bad guys and is going to empower them at a level never previously experienced.

If your business is reliant on systems such as Microsoft 365, Google Docs, Dropbox or Salesforce, you simply cannot assume (because you would be very, very wrong) that these large companies have your data fully protected. You need to have business continuity plans in place and you need to have a data backup strategy in place ... the sooner the better.



What should you do about it?

Ideally, stop being reliant on third party companies by investing in your own I&CT infrastructure ... in the medium to long term this would typically work out to be less expensive than subscription-based Cloud services anyway.

Realistically though, you’re probably not going to want to do that because the marketing machines of the “leading” global IT companies is too powerful and you’ve probably succumbed to their message and believe that the cloud is the future (whereas I would argue that the cloud is their future because it assures them better revenues compared to when they simply sold you a software program).

Accepting this likely reality, I advise that you should consider your appetite for risk and either:
(a) organise an ongoing cloud-to-cloud backup of the data held in your subscription-based services; or
(b) invest in your own “private cloud” system and organise an ongoing cloud-to-private-cloud backup of the data held in your subscription and use in conjunction with a magnetic tape backup facility that uses a combination of daily, weekly and monthly tape media which is the best way to ensure that you can recover your data to a moment in time.



Parting thought ... for you to ponder

According to OpenText, who are a provider of cloud-to-cloud backup services (you can contact us if you want more information about them - you can download their statement here):

“To keep your business-critical data safe, (cloud service) providers recommend using a third party solution to backup your data.

Microsoft : Point in time restoration of mailbox items is out of the scope of the Exchange service.

Salesforce : We recommend that you use a partner backup solution that can be found on the AppExchange.

Google : An administrator can restore a user’s Drive or Gmail data for up to 25 days after the data is removed from the user’s trash ... after 25 days, the data cannot be restored, even if you contact technical support.

Like many other providers, Microsoft, Salesforce, and Google Workspace have a Shared Responsibility Model. This means they are responsible for securing the infrastructure, and the customer is responsible for the securing the data itself.”


The problem with the Shared Responsibility Model is, as was demonstrated in June 2023, that these providers are and will continue to be attacked by the bad guys and it is your data and the survival of your business that is at risk!

 

 

 

Remex Consulting Pty Limited
Suite 9, Level 1, 14 Narabang Way
Belrose     NSW     2085

Copyright © 1997-2024

Telephone
Email

+61 2 9454 7400
webcontact@remex.com.au