momius - Fotolia

Study warns that OWA is a 'sleeping dragon' of corporate security

SecureData has published a report stating that as many as 53,000 businesses face an immediate risk of their network systems being compromised via Outlook Web Access

Thousands of UK businesses risk being compromised via their Outlook Web Access platform, according to new research from SecureData.

SecureData was able to crack close to 0.5% of all accounts in the study using a combination of publically available email addresses from previous data breaches and exploiting poor password security behaviour by users.

The researchers analysed 1.5 million compromised email addresses from 173,000 individual organisations in the UK.

SecureData said that it could crack 92% of passwords where the compromise included a hashed, or one-way encrypted password.

Assuming some users were reusing the same password schemes between their private and work accounts, the security specialist said that as many as 868 organisations in the study were at immediate risk of their network systems being compromised. Scaling the results out, SecureData believes that as many as 53,000 of the 10.5 million .uk domain registrations could also be at risk.

The findings represent a clear warning to network adminstrators, as well as managed service providers, that personal passwords are increasingly finding their way into the corporate network. As many as 77% of all passwords are reused by users, according to a study from Princeton University. SecureData said that using this style of exploit was on the rise, and OWA was a ‘sleeping dragon of corporate network security’.

“We developed this research as a vehicle to illustrate the increasing security challenge as employees mix their corporate and personal online universes,” said Charl van der Walt, head of security strategy at SecureData. “This is exacerbated by enterprise risk models that fail to appreciate how attackers view their business, reflecting instead their own view as to what is valuable.”

Van der Walt said that Microsoft Exchange and OWA could provide hackers with a foothold into the wider corporate network, by using Outlook rules on the user’s desktop via OWA.

“Microsoft Exchange has been considered a relatively benign element of corporate IT, but it’s becoming more popular and valuable as a target. In addition, Exchange is exposed onto the Internet via OWA and put more at risk via weak or leaked email passwords.  We wanted to highlight this simple exploit as a way to warn security managers not to under value what appear to be low-risk corporate assets.”

Read more on Remote Access Security