At the start of the month Microsoft introduced Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, to be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and strategies used by the world’s most prolific threat actors.
As we have seen ourselves working with customers, cyber attacks by nation-state actors are on the rise and, despite their vast resources, these adversaries often rely on simple tactics, such as stealing passwords that are not protected by MFA.
The recommendations made by Microsoft reinforce how effective the following controls can be:
- Enable multi-factor authentication to verify the authenticity of users and activities: By doing so, organisations mitigate the risk of passwords falling into the wrong hands. Even better, eliminate passwords altogether by using passwordless MFA.
- Audit account privileges: Privileged-access accounts, if hijacked, become a powerful weapon attackers can use to gain greater access to networks and resources. Security teams should audit access privileges frequently, applying the principle of least privilege so that employees are granted only the access they need to get their jobs done.
- Review, harden, and monitor all tenant administrator accounts: Security teams should thoroughly review all tenant administrator users or accounts tied to delegated administrative privileges to verify the authenticity of users and activities.
- Establish and enforce a security baseline to reduce risk: Nation-states play the long game and have the funding, will, and scale to develop new attack strategies and techniques. Every network-hardening initiative delayed due to bandwidth or bureaucracy works in their favour. Security teams should prioritise implementing zero-trust practices like MFA and passwordless upgrades.
You’ll find this article worth a read on the topic.
Are you looking to get a Threat Modelling Platform in place to prevent attacks from damaging your business?
If you would like to find out how to implement Threat Modelling to protect your business, find out more here.
To protect against these risks, we:
- deliver embedded threat modelling to improve the security of your organisation
- assist in building your threat modelling capabilities
- provide tools, training and ongoing access to key threat intelligence.