In the past, many enterprises often claimed the adoption of Microsoft Office 365 as a hard existing catastrophe due to its dull productivity, growth, and enchantment. But today, in the United States alone, over 879,851 companies have adopted, collaborated, and maintained their productivity and effectiveness through the effectiveness of Office 365 products. Although, the platform might leak a couple of encrypted emails that can be vulnerable to hackers' descriptions.
However, withsecure, a cloud, and an endpoint researchers discovered an unbreachable aspect of Microsoft Office 365 Message Encryption (OME) that sometimes allows hackers to gain full access to all encrypted messages, which are more likely to be attacked in the process.
To avoid this, OME uses the electronic codebook (ECB) to detect and block all leaking ciphers that might attempt to intrude on any of the encrypted structural information, which means that attackers can easily translate the contents of the numerous attacked emails by analyzing their location and frequency to track and obtain the matching ones.
Of course, many enterprises ensure all emails are encrypted. Still, they must also be aware that any leaked detail can be decrypted, which makes it vulnerable to threatening actions at the moment.
How Easy It Is For Attackers To Decrypt Office 365 Emails.
Earlier, researchers at TechCrunch discovered that Microsoft has confirmed two unpatched exchange server zero-day vulnerabilities, which are exploited by cybercriminals to attack the Microsoft exchange server. Microsoft Security Response Centre (MRSC) identified the first vulnerability as a server-side request forgery (SSFR) CVE-2022-41040, while the other as CVE-2022-41082.
For email attachments, the infected item will exploit a vulnerability in the target post delivery when the document is opened, which the commander/attacker might want to send some commands after. Withsecure shared its first vulnerability discovery of office 365 with Microsoft earlier this year, which was acknowledged and dearly rewarded but resolved no issue.
Many years ago, zoom was criticized for choosing AES-128 ECB to encrypt audio and videos. The ECB mode is a pattern that is not usually recommended because of its ways of preserving plaintext during encryptions; proving the fact that Microsoft isn’t the only provider to be criticized for using ECB.
On the 8th of July 2019, Deutsche Bank, one of the world’s most important global financial systems, was also criticized for using ECB.
Harry Sintonen, principal security consultant at WithSecure in a security conference podcast said “a malicious party that gains access to encrypted emails can only extract information from the supposedly encrypted emails depending on the characteristics of the specific content on the email. Further, he said, the revelation could either be nearly or partially completed. This means, the higher the number of encrypted emails an attacker manages to harvest, the easier it is for them to compare patterns and decipher the message content.
Assuming The Worst.
As presumed by Harry Sintonen, every enterprise using OME should inspect its level of threats before taking any further action which includes the type of material that is used or shared via emails, understanding the impact, and anticipating which file can be easily influenced for stronger encryption.
However, considering the number of data breaches caused to the level of many organizations' security during the covid pandemic. The number of material breach respondents suffered by 20.5% from 2020 to 2021. For this reason, enterprises can no longer afford to assume encrypted email trust. Also, enterprises will have to decide on which works best. Whether to maintain the in-built encryption with Office 365 or to find a better replacement.
Comments