print   email   Share

Knowing Internal Online Habits Helps Limit The Risk Of Cloud-Based Malware Attacks

System security expert, McAfee, released its second quarter report on cybercrime campaigns around the world. The firm says it counted 419 cyber threats per minute, with the number of new malware samples increasing 11.5 percent over the first quarter of 2020.

The report also highlights how cybercriminals have exploited Covid pandemic issues and the increase in remote working, reporting an over 600 precent increase in Covid-related attacks in the second quarter when compared to the first quarter. In particular, the increased use of email communication and cloud use prompted a dramatic surge in phishing campaign attacks focused on cloud accounts.

Microsoft Office 365, a dominant figure in remote working, is a prime target for cybercriminals. Malware attacks designed to exploit PowerShell, a powerful Windows scripting language, increased 117 percent, according to McAfee. External attacks on cloud accounts reached almost 7.5 million. IANS "McAfee detects 419 new cyber threats per minute as malware samples rise" www.iol.co.za (Nov. 5, 2020).

Commentary

Two common techniques hackers use to breach a user’s cloud account are extensive searches through emails, chat histories and files for passwords or other valuable data; and manipulating a trusted communication channel for phishing attacks; that is, using actual emails from organizational leaders, not just spoofing them.

IT professionals can help by making certain employee cloud account security is a top priority. Organizations can limit the risk of attack by thinking like the criminals and monitoring employee interactions on cloud-based services.

As security staff accumulates detailed information on how employees use their cloud accounts (e.g., who they communicate with and how often), they place themselves in a better position to identify and stop unusual, and often criminal activity.

Finally, your opinion is important to us. Please complete the opinion survey: