As the maker of the operating system used by 90 percent of Fortune 500 companies, Microsoft is often the focus of cybercriminals. What is more concerning for organizations, both small and large, is the increasingly organized nature of cybercriminal teams determined to access sensitive data. How much of a focus has Microsoft been for these more sophisticated teams? Forty-eight percent of malicious email attachments were Microsoft Office files in 2018, according to Symantec’s ISTR 2019 report.

The rogue hackers and the petty cybercriminals are still out there, but team-based hackers are emerging that take a more professional approach to cyber attacks than has been seen in the past. The image of hackers as nerds who view cyber attacks as a challenge to take on is beginning to change. A new trend is sophisticated teams that utilize advanced planning, are very skilled at covering their tracks, and strike according to their own plan and activities. They are patient and have big targets in mind beyond cash, such as identity information, medical insurance details, and even grand schemes such as influencing elections.

“One of the best defenses against data breaches from cloud-based applications and platforms is to develop a coordinated cybersecurity plan that gets integrated consistently with every cloud-based application added within an organization’s IT stack.” – Shawn Waldman, CEO, Secure Cyber Defense

With so many companies and organizations using Microsoft and a variety of cloud-based applications, many struggle to develop a coordinated and comprehensive cybersecurity program. As an example, healthcare facilities utilize a variety of Microsoft-based and cloud-based programs, making them the number one target of cybercriminals. CSO Online reports healthcare attacks will quadruple by 2020.

According to our partner Fortinet, “blanket security is not part of any cloud benefits package. Security is a shared responsibility between your organization and the cloud provider, with clear lines drawn between responsibilities. True, Microsoft Azure and the other major cloud providers have native security options, but they are focused primarily on securing the underlying network, while customers are expected to secure their data, applications, workflows, and resources.” In fact, Gartner is forecasting that, through 2022, at least 95 percent of cloud security failures will be the fault of the customer not securing their sensitive data and applications, and not that of the cloud provider.

As we mentioned in an earlier blog, third-party vendors and providers add to cybersecurity risks because they often require access to a company’s cloud-based data. With more entry points via third-party vendors, the use of multiple cloud security applications, and cybercrime efforts focused on Microsoft programs, both large and small organizations need to carefully analyze their approach to securing their data and systems to avoid a major breach that could shut down their ability to operate or expose their customers’ sensitive data.