Immediate Response and Detection
On Friday Microsoft released an official statement on its actions following a cyber breach by Nation State Actor Midnight Blizzard against its corporate systems. This breach raises concerns about the ongoing threat from nation-state actors and highlights potential shortcomings in Microsoft’s cyber practices. Common issues such as poor password management and disabled 2FA contribute to cybersecurity risks, and Microsoft is not exempt from these challenges.
Cybersecurity Practices and 2FA Implementation
Through targeting a legacy test tenant account, the bad actors were able to bypass more vigorous security measures to alter account permissions. Hackers were then able to access a small percentage of corporate email accounts, including members of the senior leadership team and employees in the cybersecurity and legal divisions.
The success of a spray attack signifies that Microsoft was not fully enforcing 2FA/MFA on its own systems, despite recommending it to its users. The attack highlights the importance of enabling 2FA across all platforms as an added layer of defense, despite having other cybersecurity measures in place.
In response to the breach, Microsoft is redefining the balance between security and business risk. Immediate measures include applying current security standards to legacy systems, even if disruptions occur.
This incident serves as a reminder of the constant need for vigilance in cybersecurity practices to mitigate risks from sophisticated adversaries. Cyber disaster response plans need to be frequently reviewed and updated as new vulnerabilities and risks appear.
Contact us for a free consultation at sales@optfinITy.com or 703-790-0400 to review vulnerabilities in your network and create a plan of action today.