Story image

Cyber crims targeting Aussie companies with Microsoft OneDrive accounts

28 Nov 2016

Cyber-criminals are using compromised Microsoft 365 ‘OneDrive for Business’ accounts to spread malware throughout Australian companies.

That’s according to global research conducted by Forcepoint - a cyber-security firm powered.

Forcepoint research found cybercriminals predominately targeted Australia using this method with 55% of emails sent to recipients in Australia.

With the use of cloud storage growing exponentially, Forcepoint advises that businesses need to be more aware of the associated risk and how they can protect themselves.

One Drive for Business is a paid Microsoft service for businesses where employees can store and share files. Each registered employee has a personal URL called "MySite" where work-related files can be uploaded and shared, even to external parties.

According to Forcepoint, these employee MySite accounts are being compromised and used to upload malware.

Based on Forcepoin’s research , the top 7 email subjects containing malicious OneDrive for Business links for the past 90 days include:

  • Please Docusign these documents 
  • Request for ASIC correspondence reprint
  • Thomas shared “Agreement AHAlife 11-2016” with you
  • Melissa shared “Scan001.zip” with you
  • New playslip available for pay period ending 8/11/2016

Since it is a known service for businesses, malicious download links hosted by such platform adds a layer of "trust" to prospective victims when downloading an unknown file.

Businesses that utilise third-party business solutions such as OneDrive for Business are advised to put additional focus on the security of the related user accounts to prevent such risks.

Forcepoint also points out that users should be vigilant when downloading files from OneDrive for Business (Sharepoint) links coming from an unsolicited email.

How Red Hat aims to accelerate business value with container technologies
Red Hat announced that leading global companies are creating, extending and deploying integration services across hybrid and multicloud environments using agile integration architectures based on Red Hat technologies.
IT employers having to up salaries and bonuses to attract talent
As the modern economy relies increasingly on data, it’s certainly a good time to be working in IT.
Red Hat expands integration product capabilities
Adds end-to-end API lifecycle support and new capabilities for agile integration across hybrid architectures.
Electric car infrastructure needs to be a high priority
“Australians should be able to drive all over this massive nation with complete confidence in a zero-emission vehicle.”
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
BMC adds IBM Cloud, Watson to Helix solution
BMC Helix with IBM Watson delivers cognitive insights across structured and unstructured federated knowledgebases.
Hyundai works with IBM to create a new blockchain-based platform
The network for commercial financing will supposedly provide participants with a single view of all the transactions happening in the network.
Why businesses should invest in energy automation
In industrial applications digital transformation allows businesses to do more with less.