Many companies are now hosting their documents inside Microsoft Sharepoint & OneDrive, utilising the benefits of the Microsoft 365 packages and believing these technologies offer protection against devastating Ransomware attacks. These attacks encrypt (lock) company data and ask businesses to pay a ransom to gain access to it again.
Unfortunately, merely using Sharepoint or OneDrive is not an adequate means of protecting your data from these attacks. These technologies must be architected and protected in the right way too. This is evidenced by a recent publication by cyber security researchers.
In a proof-of-concept, the researchers prove how attackers can target company data which is stored in the cloud and not only successfully encrypt it but also destroy all conventional means of recovering said data through Microsoft’s document version retention.
As shown in the diagram above, this cunning attack method is highly successful in leaving companies without their data and without a means of recovery… Unless they were adequately protected by a cloud backup system hosted securely outside of the Microsoft ecosystem. This attack method is another example of why companies should not rely on the built-in protections within Sharepoint & OneDrive for their data recovery and backups. These are easily thwarted by attackers.
All of our IT Support & Managed Services customers benefit from full non-Microsoft backups of all of their Microsoft 365 data (Emails, Sharepoint, OneDrive & more) to protect them from this kind of attack – and a number of other scenarios.
Comments