Microsoft Office 365 a Major Supply Chain Attack Vector


third-party supply chain Okta endpoint security

Performance issues are not the only concern users have about Microsoft Office 365 and Azure cloud services: the office productivity suite also represents a major threat vector and an attractive target for network and supply chain attacks. 

On a quantitative level, Office 365 draws over 250 million active users, according to Microsoft statistics. Attackers can thus intuitively guess that a certain percentage of these users lack proper security protection, and as a bonus, often serve as an easy entry point into an organization’s Azure cloud data, including APIs. A conservative estimate, for example, might peg the percentage of vulnerable machines at 10%—the word “vulnerable” varies depending on the talents of the hacker, which can also include ethical hackers—which would represent over 25 million easy targets to penetrate.

Read more…