A Hasty Cloud Introduction Often Creates Security Risks | Total Security Software

Lack of Strategy and Planning Promotes Security Risks

With the exponentially growing dependency on technology, the need for robust cybersecurity to protect users as well as data and business processes from hackers is increasing - says Vectra AI. However, the increasing activity of cybercriminals has become a dilemma. The more companies invest in data protection technologies, the more skilled cybercriminals become. They change their attack methods and behavior to disappear into normal data traffic, bypass traditional network controls, break into the infrastructure, and steal credentials.





Because of this constant push, Network Detection, and Response (NDR) is an essential aspect of any leadership team today? Attacks targeting Software-as-a-Service (SaaS) user accounts are one of the fastest-growing and most prevalent security problems today. This trend started long before COVID-19 and has accelerated as more companies move to the cloud.

The Disadvantages of Teleworking

When the workforce moved to work from home during the initial lockdowns, the move to online collaboration and productivity tools was quick but largely smooth. A by-product of this change is an increased volume of much more sensitive data that is shared across multiple devices. In many cases, this information is now vulnerable.

That's because current security approaches can lose track as environments expand into the cloud, where users increasingly store multiple accounts and access resources from both approved and unapproved devices. When the boundaries between professional and private online interaction blur, the exposure to cyber risks increases dramatically.

Reinforcement of The Gaps in Defense Mechanisms

In the past, companies have relied on tightly controlled on-site servers where network security solutions have largely protected data. With more and more new devices accessing corporate and cloud networks, traditional solutions have become vulnerable to greater risk activity and misuse of data in cloud applications.

“The reality today is that private and trusted networks can no longer be fully protected by traditional security solutions that focus solely on the use of signatures and the detection of anomalies. Industry analysts and experts agree that NDR is better suited to identify and stop attacks in the modern data center infrastructure, ”reports Andreas Müller, Director DACH at Vectra AI. "The introduction of NDR has gained tremendous momentum through the correlation of attacker behavior and the course of threats between cloud, hybrid and on-premises networks."

We know that cybercriminals are exploiting a larger attack surface and are becoming more and more advanced. It is therefore no longer enough to strengthen security at the network perimeter, especially when it comes to stopping clever attackers and speeding up detection. In fact, the idea of ​​a network perimeter no longer exists as users can connect from anywhere.


In many organizations, security technology focuses on user behavior, although the focus should be on attacker behavior. This requires knowledge of what attackers can do on the platforms instead of monitoring allowed users and what they are sharing while looking out for malicious insiders. It is time to change perspective and look at the bigger threat - the behavior of the attacker.

A Lesson from Office 365

Observation of Microsoft Office 365 users shows how easy it is for hackers to break into a company's network. Vectra AI's most recent Spotlight Report on Office 365 gathered opt-in data from four million Office 365 users worldwide and found that 96 percent of customers exhibit malicious lateral movement behavior. This means that as soon as a hacker gains access to an Office 365 account, the back door to a corporate network opens and makes it vulnerable to attack. An example of this is Microsoft Power Automate. Formerly Microsoft Flow, it was designed to automate user tasks and save time. Power Automate is enabled by default in Office 365.

“Unfortunately, Power Automate is a blind spot that creates dangerous security vulnerabilities in Office 365. Research from the Spotlight Report on Office 365 shows that 71 percent of customers display suspicious behavior in Office 365 Power Automate, ”explains Andres Müller. Currently, a Power Automate script can be set up so that it automatically takes all attachments in an email and saves them in OneDrive. An attacker could then compromise an account and use Power Automate to take these documents and exfiltrate them into a Dropbox account.

Attackers have exploited this feature to assume an accounting identity and switch from Office 365 to a device or on-site. They can then log in as a specific user within Office 365 and start corrupting or exfiltrating data, or moving sideways to find valuable assets to steal.

Adapt Network Security to Changing Tactics

With NDR, organizations can see what attackers are doing, where they are on the network, and quickly stop attacks before they become data security incidents. NDR uses AI-derived machine learning algorithms to identify early threat behaviors in hybrid, on-premises, and cloud environments. It also automatically detects and prioritizes attacks that pose the greatest risk to your business and triggers a real-time response to quickly mitigate threats.

To protect data and reduce cyber risks, companies must take a proactive rather than reactive approach to cybersecurity. It can be a costly mistake to rely solely on outdated security at the network perimeter. Today, NDR is a key cornerstone of cybersecurity best practices.

Try Total Security Software to Prevent Cyber Attacks

“When it comes to strategic security investments in 2021, it is time to think about where the best value, line of defense will come from, and how organizations can better ensure they are protected. This is especially true because in this likely complex and critical year, companies will increasingly rely on hybrid, local, and cloud platforms for a range of different devices” concludes Andreas Müller from Vetra AI.

Comments