Microsoft is adding a new security alert to Defender for Office 365 to notify enterprises when their employees are being targeted by nation-state threat actors.
The tech giant has been tracking nation-state hacking groups since 2016.
The new feature has been added to the Microsoft 365 roadmap website, reports ZDNet.
Microsoft Defender for Office 365 is the cloud-based security platform that scans a company’s Office 365 accounts for threats.
The notification will also appear for system administrators and security teams, who can act swiftly on the attacks.
The feature is set to be ready by the end of the month.
Microsoft usually notifies around 10,000 users per year of nation-state attacks.
“If a user is targeted or compromised in one of these attacks, Microsoft sends them an email about the attack, along with basic advice they need to take to re-secure their inbox and devices”, the report said on Monday.
In its latest ‘Microsoft Digital Defense Report,’ the company said that nation-state actors are engaging in new reconnaissance techniques that increase their chances of compromising high-value targets and attackers have developed new ways to scour the internet for systems vulnerable to ransomware.
In 2019, Microsoft blocked over 13 billion malicious and suspicious mails, out of which more than 1 billion were URLs set up for the explicit purpose of launching a phishing credential attack.
The most common attack techniques used by nation-state actors in the past year are reconnaissance, credential harvesting, malware and virtual private network (VPN) exploits.
Microsoft observed 16 different nation-state actors either targeting customers involved in the global COVID-19 response efforts or using the crisis in themed lures to expand their credential theft and malware delivery tactics.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]