Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Microsoft Will Add “Nation-State Activity Alerts” to Defender for Microsoft 365
February 24, 2021
ZDNet reported on February 8 that Microsoft will be adding a new security alert to the dashboard of Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection) that will notify companies when their employees are being targeted by nation-state threat actors.
The feature has been added to the Microsoft 365 roadmap website.
The concept has been around since 2016, when Microsoft began tracking nation-state hacking groups and the attacks they orchestrate against Microsoft email accounts.
If a user is targeted or compromised in one of these attacks, Microsoft sends them an email about the attack, along with basic advice to re-secure their inbox and devices. In 2019, Microsoft said that it usually notifies around 10,000 users per year of nation-state attacks.
So, what was the problem? That procedure relies on users reading their email and taking action, which doesn’t always happen. Users don’t read their emails daily, or it might take hours before the user reaches the notification in crowded inboxes, a time during which attackers could steal sensitive documents.
For organizations who are customers of Microsoft’s Office 365 service, Microsoft will add these notifications inside the dashboard of Microsoft Defender for Office 365, the cloud-based security platform that scans a company’s Office 365 accounts for threats.
The critical difference is that the notification will also appear for system administrators and security teams, who can act on it immediately by calling the affected employees, resetting email account passwords, resetting other internal passwords, or by undertaking a broader security audit.
Microsoft expects this feature to be in place by the end of February.
In case you were wondering, similar alerts for nation-state attacks are also available for Yahoo accounts, public Gmail accounts, and G Suite accounts. Facebook also warns users of nation-state attacks against its social media accounts.
The very idea of nation-state attack alerts would have been unheard of not all that long ago!
Hat tip to Dave Ries.
Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson