Microsoft Office 365 Vulnerability lets Hackers Sidestep Email Encryption

Few solutions have the enterprise adoption that Office 365 does. According to Statista, over 879,851 companies in the United States use Office 365 products to collaborate and remain productive. However, new research suggests that the platform could be leaving encrypted emails vulnerable to decryption by hackers. A researcher from cloud and endpoint protection provider WithSecure has discovered an unpatchable flaw in Microsoft Office 365 Message Encryption (OME). The flaw enables a hacker to infer the contents of encrypted messages.



OME encrypts messages using the electronic codebook (ECB) block cipher mode, which leaks structural information about the message because identical plaintext blocks always produce identical ciphertext blocks. This means that an attacker who obtains many encrypted emails can infer their contents by analyzing where and how often patterns occur in the ciphertext and matching those patterns against other emails.
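To make that structural leak concrete, here is a small added Go example (it is not code from the article, from WithSecure, or from Microsoft's OME implementation): it encrypts a constructed message with AES in ECB mode and, for comparison, in CBC mode, then counts ciphertext blocks that duplicate an earlier block of the same message. The key, IV and message are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
)

// pkcs7 pads plaintext to a whole number of 16-byte AES blocks.
func pkcs7(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// encrypt pads and encrypts with AES. With chain=false every block is encrypted
// on its own (ECB), so equal plaintext blocks give equal ciphertext blocks; with
// chain=true each block is mixed into the next (CBC) and the repetition vanishes.
func encrypt(key, iv, plaintext []byte, chain bool) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	pt := pkcs7(plaintext)
	ct := make([]byte, len(pt))
	if chain {
		cipher.NewCBCEncrypter(c, iv).CryptBlocks(ct, pt)
		return ct
	}
	for i := 0; i < len(pt); i += aes.BlockSize {
		c.Encrypt(ct[i:i+aes.BlockSize], pt[i:i+aes.BlockSize])
	}
	return ct
}

func EncryptECB(key, pt []byte) []byte     { return encrypt(key, nil, pt, false) }
func EncryptCBC(key, iv, pt []byte) []byte { return encrypt(key, iv, pt, true) }

// RepeatedBlocks counts 16-byte ciphertext blocks that duplicate an earlier
// block of the same message: a non-zero result on a longer message is the
// structural leak described above, and a cheap check for ECB-style encryption.
func RepeatedBlocks(ct []byte) (n int) {
	seen := map[string]bool{}
	for i := 0; i+aes.BlockSize <= len(ct); i += aes.BlockSize {
		b := string(ct[i : i+aes.BlockSize])
		if seen[b] {
			n++
		}
		seen[b] = true
	}
	return n
}
```

Real deployments would also use a fresh random IV per message (or an authenticated mode such as AES-GCM); the fixed IV here only serves the comparison.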


For enterprises, this highlights that the fact that your emails are encrypted doesn’t mean they’re safe from threat actors. If someone steals your email archives or backups, or gains access to your email server, they can use this technique to sidestep the encryption.


How easy is it for attackers to decrypt Office 365 emails?

The discovery comes shortly after researchers found that hackers were chaining two new zero-day Exchange exploits to attack Microsoft Exchange servers.


WithSecure originally shared its discovery of the Office 365 vulnerability with Microsoft in January 2022. Microsoft acknowledged it and paid the researcher through its vulnerability reward program, but hasn’t issued a fix.


It’s important to note that Microsoft isn’t the only provider to receive criticism for using ECB. Just a couple of years ago, Zoom received heavy criticism for choosing AES-128 ECB to encrypt calls and exposing private videos to unauthorized individuals.


A “malicious party who gains access to the encrypted emails can extract some information from the supposedly encrypted emails. Depending on the characteristics of the specific content on the email, the revelation could be (nearly) complete or partial,” said Harry Sintonen, principal security consultant at WithSecure.


The greater the number of encrypted emails an attacker manages to harvest, the easier it is for them to compare patterns and decipher the message content. In terms of the level of risk posed by this vulnerability, Sintonen noted that particularly high-risk users would be “ones who use OME to encrypt highly sensitive emails and attachments, and for whom it is important to avoid revealing sources (or parties of communication in general). A good example would be activists or journalists,” he said.


For example, if a journalist sends a highly sensitive document to a contact, a state-sponsored threat actor could create a fingerprint for it, scan other encrypted emails, and identify to whom the target has sent the document.



Assume the worst


With the number of data breaches rising 20.5% from 2020 to 2021, enterprises can’t afford to assume that their encrypted emails are impervious to threat actors.


For this reason, Sintonen recommends that enterprises using OME investigate the level of threat. That involves not only identifying what types of materials are shared via email, but anticipating which information or files could be exposed, and mapping the impact.


Ultimately, organizations will have to decide for themselves whether Office 365’s built-in encryption offers an acceptable level of risk for their collaborative needs or whether they need to find a secure replacement for encrypted email delivery.