![]() ![]() They discovered these attackers had entered the environment even earlier to establish access channels (i.e., back doors) for later use as needed.” Importance of MFA DART also identified five additional, distinct attacker campaigns persisting in the environment that were unrelated to the initial incident. “DART quickly identified targeted mailbox searches and compromised accounts, as well as attacker command-and-control channels. 243 days after the initial compromise, DART was then brought in to work alongside the incident-response vendor and the company's in-house teams,” Microsoft says. “This investigation lasted more than seven months and revealed a possible compromise of sensitive information – pertaining to the victim and the victim's customers – stored in Office 365 mailboxes. However, the team also discovered five other ongoing threats. On the day the Detection and Response Team arrived, the attacker was removed. DART intervened when the attack was ongoing for 243 days. The customer sought Microsoft's help when it was unable to remove the APT attack from its network. If it was in place, MFA would have thwarted the state-sponsored hacking group and protected sensitive data and emails. Its first report details says the customer hit by six simultaneous attacks was not using multi-factor authentication (MFA). Redmond says the reports will help to keep customers on their toes when combatting cyberthreats. The company will publish sporadic reports detailing DART's work to better protect enterprise users. Microsoft first announced the Detection and Response Team a year ago. The hacking group stole gained admin credentials and entered the network of an unnamed customer. DART says the attack was an advanced persistent threat (APT) campaign. ![]() In the report, the company points to an incident involving a major customer that saw six separate threat actors attacks its network at the same time.Īmong the attackers was a hacking group with state backing that had been stealing email and data for 245 consecutive days. Microsoft has published the first report delivered by its Detection and Response Team (DART). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |