I was having a conversation the other day with the executive director of a charity customer of ours, that has about 120 staff. By any measure this is not a tiny company.
The comment that was made was that his organization was too small to be a target for hackers.
So this got me thinking about something that I'd seen a while back and had meant to post about... and of course with life and business getting in the way I never really got around to it.
This Image that you're looking at is a screenshot from our Office 365 sign-in logs. This shows only the failed logins that are specific to our E mail system in the past three business days. As I write this, it's Thursday and as you can see from the date filter the logins shown are from October 1 at 12:00 AM until October 4 at 11:59 PM. The number of lines goes off the bottom of the page but to appease your curiosity there are 74 lines on this table... somebody tried to hack our email 74 times in a four day period.
Now I don't believe for a minute that anybody is actually targeting us... we're actually a small company. The only thing that makes us any kind of desirable target for the bad guys is the fact that we're an IT support company, which means that we support other businesses and might have access to their stuff. Which fact I will neither confirm nor deny. But it still remains that a bad guy would have to find us, then figure out what our email system is, then figure out our email addresses, and then try to hack us. That sounds like an awful lot of work for some Vancouver-based IT service company.
One thing I know about hackers is they don't want to work anymore than they absolutely have to. Unless they're going after some kind of whale of a target, they're going to use automation to the greatest degree possible. This image is reflective of that, and I can only imagine that these multiple login attempts were done using some sort of script or automation.
Which brings us back to our customer from above... if we have less than 10 mailboxes and we're getting targeted this many times (And believe me when I tell you that this is a slow week) Then what must it be like for an organization that has hundreds of mailboxes?
What do you think it looks like for your organization?
You definitely need to make sure that your Office 365 instance has been set up properly and securely by experts who know exactly what they're doing with Microsoft 365, and how to keep you safe. This is not the kind of thing that you want to skimp on, or to try doing yourself based on some video from YouTube. Let the experts do it.
If you want to know what Your own sign in logs look like, send us a message and we'll walk you through the process of navigating to your own sign in logs presuming of course that you have the administrative credential required to get there. But I promise you this much... however much you think you're getting targeted by hackers, spammers, and other bad guys with malicious intent, the number is probably much much greater than you expected.
