searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security
February 9, 2021
Share

Microsoft to alert enterprise security teams when nation-state attackers target their employees

Microsoft will introduce this month a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers.

enterprise alert nation-state

The notification will appear in the dashboard of Microsoft Defender for Office 365, a cloud-based email filtering service that protects enterprise Office 365 users against advanced and targeted threats (e.g., BEC, credential phishing, etc.), so that security teams may immediately start with remediation actions independently of the targeted user, who will also receive an email alert but might not see it or react to it with the required haste.

Advanced and persistent threat activity

“[Nation state] attacks represent some of the most advanced and persistent threat activity Microsoft tracks. The Microsoft Threat Intelligence Center follows these threats, builds comprehensive profiles of the activity, and works closely with all Microsoft security teams to implement detections and mitigations to protect our customers,” the company explained in the description of the new feature.

“We’re adding an alert to the security portal to alert customers when suspected nation-state activity is detected in the tenant.”

The new feature might be a direct consequence of the recent SolarWinds hack, during which the attackers – who are believed to be government-backed – have also compromised some of the company’s Office 365 email accounts (though that was not the initial attack vector).

Alerts about suspected nation-state targeting of email accounts are not a new thing.

Microsoft has already been alerting users of its consumer email services such as Outlook and Hotmail when they have been targeted by government-backed hackers, and has previously been directly alerting enterprise users of its offerings via email. In fact, in July 2019, Tom Burt, Microsoft’s corporate VP of Customer Security & Trust, said that in the year before, the company had notified nearly 10,000 customers they’ve been targeted or compromised by nation-state attacks (about 84% of these attacks targeted enterprise customers).

Google has, on the other hand, started warning Gmail users of state-sponsored attacks in 2012 and G Suite admins in 2018, allowing them to reset the password of any account with suspicious activity, enroll the user in 2-Step Verification, or ask them to take additional steps to secure their account.

More about
  • account protection
  • email security
  • enterprise
  • Microsoft
  • Office 365
Share this

Featured news

  • Exchange Online will soon start blocking emails from old, vulnerable on-prem servers
  • Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)
  • What you need before the next vulnerability hits
How to protect online privacy in the age of pixel trackers

Sponsored

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

How to scale cybersecurity for your business

Don't miss

Exchange Online will soon start blocking emails from old, vulnerable on-prem servers

Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)

Europol details ChatGPT’s potential for criminal abuse

What you need before the next vulnerability hits

Running a security program before your first security hire

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us