Increase in Cyberattacks Targeting Cloud Applications
COVID-19 has caused many businesses to adopt cloud applications to keep up company productivity. Cloud applications are programs and digital tools that are hosted in the internet and allow for easy collaborative workflows and communication.
A prime example of a cloud application is Microsoft’s Office 365 suite. It brings the well-known Office applications such as Word and Excel and makes it easier for teams to collaborate, share files, and use video calls for communication over the internet. While these tools have been available for years, COVID-19 has brought them into the spotlight, as they have become invaluable assets for companies to maintain their workflows. Some other cloud based tools include Zoom and Slack.
In a recent study conducted by cybersecurity company McAfee on cloud application usage rates, it was found that between January and April of this year, the usage of cloud based tools increased by 50%. It was also discovered that cyberattacks targeting these cloud applications increased by a factor of 630%.
In their study, these cyberattacks were identified using two main methods. The first method, ‘activity from an uknown location’, flags suspicious log in attempts made on an account in a location that is unusual, based on historical log in data. The second method, ‘suspicious superhuman’, detects login attempts that would be geographically impossible. An example of this would be two logins attempts from across the globe within 5 minutes of each other.
What are their methods of intrusion?
One of the most common methods of infiltrating cloud based accounts is by using “spraying attacks”. This is a type of brute-force attack that attempts to guess a user’s password based on commonly used passwords, and a common habit for users to reuse passwords across services.
The most effective method of protecting yourself from spraying attacks is by enabling multifactor authentication. This makes sure that external cyberattackers cannot get into your cloud accounts. An account protected by MFA cannot be accessed by someone who does not have access to both the credentials and the external device or mailbox associated with the account.
Don’t let your cloud accounts be compromised. Protect yourself by calling GIGE at +1 888 366 4443 or emailing us at firstname.lastname@example.org to get started.