Total Tests:

SolarWind attackers target MS customers

By Kirsten Doyle for ITWeb
Tuesday, June 29, 2021

This type of activity is far from new, and Microsoft said it recommends taking the usual security precautions, including enabling multi-factor authentication to protect their environments from this attack and other attacks of a similar nature.

Cyber security hygiene

Ilia Kolochenko, founder of ImmuniWeb, and a member of Europol Data Protection Experts Network, said the exposed hacking campaign brings compelling evidence that the overall cyber security hygiene is deficient.

“For instance, password spraying and credential stuffing attacks are preventable by enabling MFA, restricting access to the accounts from specific networks or at least countries, and can be easily spotted by anomaly detection systems,” he explained.

In addition, Kolochenko says a properly implemented dark Web monitoring process should help alert companies quickly about stolen credentials that might need to be decommissioned as a matter of urgency. “These are the very basics of information security.”

According to him, phishing is another common phenomenon that can be successfully mitigated by ongoing security awareness and training programs for employees. “When security training is combined with continuous monitoring and threat detection systems, designed to sandbox untrusted emails or hyperlinks, phishing efficiency is zero even when an employee makes a mistake.”

The bottom line: organisations must invest in cyber security baselines and implement a consistent information security strategy. “Otherwise, even technically unsophisticated attacks will continue their surge,” Kolochenko ends. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential