While Microsoft has long been a target for hackers, phishers, malware, and other nefarious types that float around the Internet, SharePoint has, relatively speaking, stayed under the radar, but recently got hit by a double whammy. 

• Critical Vulnerabilities within SharePoint Server - Rencore (just the second one)

Phishing attack

The first incident was a phishing attack, in which SharePoint’s only fault was its popularity and perhaps the blasé approach often taken by users to yet another message from SharePoint.

In a time when people are working remotely and using the likes of Microsoft Teams (145 million daily users) and SharePoint Online to collaborate with both internal and external teams, file sharing messages are a dime a dozen.

We’re probably all guilty of not looking as closely at the links in the message as we should.  After all, it’s got the logos and looks just like the last shared document email received …

However, we need to be always vigilant and check out the wording, phrasing, the links behind the underlined text and are we really expecting this kind of document from this person?  If it’s been a while, you’d be wise to go refresh your phishing identification skills.

Ransomware attack

At least the first incident wasn’t SharePoint at fault - until the second incident – a ransomware attack - turned up.

While Microsoft have always been quite diligent in fixing it up, it looks like they left a bit of a hole. It turns out Microsoft released patches for this vulnerability way back in 2019 but here it is being actively exploited in 2021.

What can you do to protect yourself?

Go talk to your SharePoint on-prem admins. Buy them a coffee/coke and ask how their patching is going. Be prepared to have your shoulder cried upon.

The moral of the story here is that while it’s not always SharePoint’s fault, it’s far from faultless. The best way to remain on top of potential attacks is to stay patched and stay vigilant.