Microsoft Office 365 Flaw Could Allow Hackers to Hold Your Cloud Files Hostage

SharePoint and OneDrive Targeted

This is a Microsoft Office 365 flawed piece of functionality where malicious actors can potentially ransom files stored on your SharePoint and OneDrive. Once this flaw has been taken advantage of, malicious parties can Launch attacks on cloud infrastructure.

There are three common ways a breach of this kind can occur:

  1. Phishing or brute-force attack
  2. Tricking you to authorize a third party authentication application
  3. Taking over session of a logged – in user

This attack begins by gaining access to your SharePoint Online or OneDrive account without your consent. Then the rest of what unfolds can be a disaster of malware and complications causing headaches for everyone on your team.

The best way to prevent these attacks is to:

  • Have strong passwords
  • Use multi-factor authentication MFA
  • Prevent large-scale data downloads to unmanaged devices
  • Maintain a backup of important files periodically. Check out our Security and Back-up page.


If you have any questions about Microsoft Office 365 or this article contact us.