SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Kaspersky announces update to Microsoft Office 365 security solution as COVID-19 threats emerge
Fri, 27th Mar 2020
FYI, this story is more than a year old

Kaspersky has today announced an updated version of its security suite for Microsoft Office 365, with a particular aim at combatting phishing, which is seeing a massive increase in cases as attackers take advantage of fear and misinformation around the COVID-19 pandemic.

The upgrade introduces enhanced anti-phishing capabilities with a dedicated anti-spoofing feature, as well as bolstered protection within Microsoft Teams.

The update protects corporate users from targeted phishing emails, supposedly sent on behalf of colleagues or subcontractors but which actually use spoofed domain names.

The new feature allows a customer to create a list of reliable company and subcontractors email domains so that the product can detect a malicious email sent from a forged domain.

Research from Kaspersky found that 186 million malicious spam messages targeted corporate users in 2019.

This represents is 54 million more than in 2018, according to the security company.

The research showed one of the most effective phishing techniques in 2019 were emails disguised as automatic notifications from legitimate services, such as Microsoft Outlook.

Emails asking users to authorise services would obtain user credentials from corporate emails, which could then be used in an attack on an organisation.

Kaspersky says during January and February 2020, its Microsoft Office 365 security solution blocked at least one attempt per mailbox on average, to click on a phishing email link.

“Companies that are moving to cloud services and tend to use communication tools, such as Microsoft Teams, want to keep their data protected and meet the requirements of secure collaboration and messaging for their employees,” says Kaspersky head of B2B product marketing Sergey Martsynkyan.

“To help companies meet these needs, we have expanded protection for Microsoft Office 365 to cover all associated applications.

“This gives customers assurance that the entire cloud service is secured by default and potential threats do not affect employees' working processes.

The update also enables secure file sharing within Microsoft Teams — in addition to previously available protection for Exchange Online and OneDrive.

It also ensures that only clean and reliable files can access SharePoint Online, allowing IT security managers to define the scope of sites for scanning.

Kaspersky says this is especially important for companies with remote workers mostly communicating with colleagues through digital channels.

The new update includes a feature which aims to prevent malware from being uploaded into SharePoint Online, which can then be spread across an entire organisation.

The product detects a malicious file by scanning every file immediately once it is uploaded, moving it to quarantine, and providing an IT security manager with the detection report and statistics on the dashboard.

As remote working sees an unprecedented boom in 2020, Microsoft Teams and other remote team collaboration software has seen rapid growth.

Kaspersky's update addresses this uptick in Teams usage,  and protects against situations where malicious files access a user endpoint and an employee tries to share it with colleagues.

At this point the malware will be detected and transferred to quarantine almost immediately so other users do not have a chance to open it and initiate infection.