SolarWind attackers target MS customers
Tuesday, June 29, 2021
This type of activity is far from new, and Microsoft said it recommends taking the usual security precautions, including enabling multi-factor authentication to protect their environments from this attack and other attacks of a similar nature.
Cyber security hygiene
Ilia Kolochenko, founder of ImmuniWeb, and a member of Europol Data Protection Experts Network, said the exposed hacking campaign brings compelling evidence that the overall cyber security hygiene is deficient.
“For instance, password spraying and credential stuffing attacks are preventable by enabling MFA, restricting access to the accounts from specific networks or at least countries, and can be easily spotted by anomaly detection systems,” he explained.
In addition, Kolochenko says a properly implemented dark Web monitoring process should help alert companies quickly about stolen credentials that might need to be decommissioned as a matter of urgency. “These are the very basics of information security.”
According to him, phishing is another common phenomenon that can be successfully mitigated by ongoing security awareness and training programs for employees. “When security training is combined with continuous monitoring and threat detection systems, designed to sandbox untrusted emails or hyperlinks, phishing efficiency is zero even when an employee makes a mistake.”
The bottom line: organisations must invest in cyber security baselines and implement a consistent information security strategy. “Otherwise, even technically unsophisticated attacks will continue their surge,” Kolochenko ends. Read Full Article
Dark Reading: Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious Rootkit
SiliconANGLE: Microsoft warns SolarWinds hacking group Nobelium is targeting its customers