Turns out there is a back door to the Office email system - from Cyber Security Blog:
Exposing the Secret Office 365 Forensics Tool
An ethical crisis in the digital forensics industry came to a head last week with the release of new details on Microsoft’s undocumented “Activities” API. A previously unknown trove of access and activity logs held by Microsoft allows investigators to track Office 365 mailbox activity in minute detail. Following a long period of mystery and rumors about the existence of such a tool, the details finally emerged, thanks to a video by Anonymous and follow-up research by CrowdStrike.
Now, investigators have access to a stockpile of granular activity data going back six months—even if audit logging was not enabled. For victims of Business Email Compromise (BEC), this is huge news, because investigators are now far more likely to be able to “rule out” unauthorized access to specific emails and attachments.
The secret tool provides evidence that could have saved hundreds—if not thousands—of companies from having to declare a data breach. It is very likely that small businesses were disproportionately affected, since they lack the budget to employ forensics firms and to utilize Office 365 subscriptions that support audit logging.
Until now, this level of granularity was thought not to exist. Turns out, however, that it did, and those who were in the know kept this knowledge a secret.
Much more at the site - as they say: ...developing...
Leave a comment