Too many unprotected Outlook mailboxes due to home office
The transfer of a large number of employees to the home office in a short period of time due to the Corona pandemic is an enormous challenge for many companies. IT security is still frequently underestimated. Specialists are now sounding the alarm: many unprotected Outlook mailboxes open the floodgates to cybercriminals.
Many employees had to switch to home offices at short notice because of the Corona pandemic. For many companies, this switch meant the only way to keep operations running as far as possible. However, few companies have been fully prepared for this situation, which is why some processes have now been implemented head over heels - this now leads to a new and very dangerous threat.
Many unprotected Outlook mailboxes
Security researchers at Check Point Research, the threat intelligence division of Check Point® Software Technologies Ltd. are sounding the alarm: many companies' Outlook mailboxes are freely accessible and unprotected on the Internet, Check Point Research warns. The reason for this is that the companies use the Outlook Web Application (OWA), which opens the mailbox in the browser instead of via the installable desktop program. They want to respond to the fact that many employees use their private devices, or have to use them due to lack of preparation, and of course do not have a Microsoft Office license available for their own devices. The OWA, on the other hand, is free to use - and is now tearing a big hole in IT security.
DACH region at high risk
On the shodan.io overview page, Germany is already in second place behind the USA with almost 50,000 open ports found. Switzerland follows in 7th place with just under 8,000 open ports, and Austria is still in 10th place with around 6,500 ports. This means that the DACH region is united among the ten most vulnerable countries and accounts for more than a third of their current total of just over 180,000 open ports.
"We can only advise all companies to close these open ports immediately and to resort to protective measures from experienced security providers as additional shielding. Otherwise, one of their most sensitive areas, the entire e-mail traffic, is freely visible on the Internet and thus defenselessly at the mercy of attackers," warns Sonja Meindl, Country Manager Switzerland and Austria at Check Point.
Source: https://research.checkpoint.com/
