Corporate email servers remain hackers' favorite target

News
By published

Microsoft 365 and Azure AD plagued with threats

Hacker
(Image credit: Shutterstock)

Attacks against Microsoft 365 Exchange Online systems is the number one threat for businesses of all sizes, according to a new report.  

Conducted by cybersecurity company Vectra AI, the research identifies the top ten threats that impacted its customers across Microsoft 365 and Microsoft's cloud-based identity and access management (IAM) solution, Azure Active Directory (AD).

Vectra tracked the top threats across small, medium, and large businesses to find any correlations between the threats and the size of the business. It calculated the relative frequency of threat detections that were triggered during a three-month period.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Regardless of the size of the business, threats against Exchange Online were at or near the top for all of them, which Vectra argues may indicate that attackers are constantly trying to manipulate Exchange to gain access to specific data or further attack progression.

Detection similarities

From its research, Vectra discovered that larger businesses triggered less number of detections.

“This general trend of larger companies triggering fewer detections when compared to smaller companies tells us that the large companies’ users and administrators may perform Office 365 and Azure AD activity more consistently compared to smaller organizations,” suggests Vectra.

The research also revealed that Azure AD suspicious operations, which might be an indication of attackers trying to escalate privileges to perform admin-level tasks, are the next most common threat for small and medium-sized businesses. Surprisingly, this threat doesn’t feature in the top ten threat for large businesses.

Vectra suggests that a number of these threat detections represent activities that provide ease of use, collaboration with external parties, and provisioning of administrative access to the Azure AD environment, which also provides means for attackers to compromise the service.

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Best email services: image of email with one unread message alert
Over 400 million unwanted and malicious emails were received by businesses in 2024
Flag of the People&#039;s Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
A padlock resting on a keyboard.
Massive botnet is targeting Microsoft 365 accounts across the world
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
Asus Vivobook S laptop on yellow background with price cut text overlay

I've looked through hundreds of laptop deals in the Spring sales - this $599 Asus Vivobook has them all beat
See more latest
Most Popular
Student with headphones around her neck using a phone while sitting in a cafe in front of a laptop
One of the richest men in the world castigates the billions of dollars spent on buying laptops for US classrooms with no apparent improvements
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring
Tesla Model Y 2025
Tesla’s EU sales are in freefall as VW races ahead, but the Model Y could change all that
Asus NUC 15 Pro+
Asus unveils its most powerful mini PC to date — but I don't think the Intel-powered NUC 15 Pro+ will compete with Strix Halo models
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora