Securing email services
Now, we have looked more at other miscellaneous countermeasures and what we can do for our Active Directory domain. The final aspect, and what might be the biggest attack vector for ransomware, is email.
In this book, we will focus on securing email related to Microsoft Office 365, although many of the techniques and features discussed here are also applicable to other email providers.
According to information from Statista, close to 3% of employees stated that they clicked on links that were sent in phishing emails: https://www.statista.com/topics/8385/phishing/#dossierContents__outerWrapper.
While 3% is not a high number, an attacker only needs one employee that leaks their account information to initiate a ransomware attack or to run malicious content on their machine.
Another attack vector we are seeing more of is the use of Adversary-in-the-Middle (AiTM) phishing. AiTM phishing is a method used by attackers to gain unauthorized access to a user...
