Comment: Microsoft warns of continued attacks by Nobelium hackers
June 2021 by ImmuniWeb
Microsoft says it has discovered new attacks conducted by the Russian state-sponsored Nobelium hacking group, which is believed to be behind the SolarWinds supply-chain attacks. The new attacks include the compromise of a computer belonging to one of its support staff, which was used to access customers' subscription information stored on the device.
More on the story here: https://uk.pcmag.com/security/134150/microsoft-warns-of-continued-attacks-by-the-nobelium-hacking-group
Ilia Kolochenko, Founder of ImmuniWeb, and a member of Europol Data Protection Experts Network, comments:
“The exposed hacking campaign brings compelling evidence that the overall cybersecurity hygiene is largely deficient. For instance, password spraying and credential stuffing attacks are preventable by enabling MFA, restricting access to the accounts from specific networks or at least countries, and can be easily spotted by anomaly detection systems. Moreover, a properly implemented Dark Web monitoring process should alert organizations quickly about stolen credentials to be urgently decommissioned. These are the very basics of information security.
Phishing is another common phenomenon that can be successfully mitigated by ongoing security awareness and training programs for employees. When security training is combined with continuous monitoring and threat detection systems, designed to sandbox untrusted emails or hyperlinks, phishing efficiency is zero even when an employee makes a mistake. Attacks on mobile devices and BYOD are another hot topic, but master data management ("MDM") systems can likewise artfully reduce the related cyber risks. Therefore, organizations need to invest in cybersecurity baselines and implement a consistent information security strategy. Otherwise, even technically unsophisticated attacks will continue their surge.”