After Zoom, research finds Microsoft Teams vulnerable to cyber attacks

MUMBAI: After reports of Zoom meetings being hacked into, researchers have now found Microsoft Teams, the video conferencing platform of Microsoft, vulnerable to cyber attacks.

Cyber criminals are turning their sights on video conferencing tools as the next major way to target unsuspecting users and enterprises. As more and more business is conducted from remote locations, attackers are focusing on exploiting key technologies, like Zoom and Microsoft Teams, that companies and their employees depend on to stay connected.

“We found that by leveraging a subdomain takeover vulnerability in Microsoft Teams, attackers could have used a malicious GIF (Graphic Interchange Format) to scrape user’s data and ultimately take over an organization’s entire roster of Teams accounts,” CyberArk Labs said in a blog post.

CyberArk worked with Microsoft Security Research Center after finding the account takeover vulnerability and a fix was quickly issued.

Since users wouldn’t have to share it, rather just view the GIF to be impacted, vulnerabilities like these have the ability to spread automatically. This vulnerability would have affected every user who uses the Teams desktop or web browser version.

Video conferencing tools like Microsoft Teams, Google Meet and Zoom have experienced tremendous rise in user base since the covid-19 pandemic has forced enterprises to move to work from home mandates globally. A large number of academic programmes are also leveraging these platforms to continue classes. Most of these companies have also provided free access for anywhere between three and six months to the videoconferencing platforms. While this is clearly increasing traction, a lot of cyber criminals are now setting sights on these services to cause mischief.

Last week, Zoom announced security enhancements with the upcoming general availability of Zoom 5.0, a key milestone in the company’s 90-day plan to proactively identify, address, and enhance the security and privacy capabilities of its platform. Even Google and Microsoft have accelerated security and incident management measures to tackle these concerns especially since students are also using these services on a large scale.

Microsoft has deleted the misconfigurations in the software that were exposed and could be taken over.

“Even if an attacker doesn’t gather much information from a Teams’ account, they could still have used the account to traverse throughout an organization (just like a worm). Eventually, the attacker could access all the data from your organization’s Teams accounts – gathering confidential information, meetings and calenders information, competitive data, secrets, passwords, private information, business plans, etc,” noted CyberArk.