Sunday, February 21, 17:06
Home security Microsoft: "Zero trust" protects against sophisticated hacking attacks

Microsoft: "Zero trust" protects against sophisticated hacking attacks

According to Microsoft, the techniques used by hackers of Solarwinds, were sophisticated but common and preventable.To avoid future attacks similar levels of complexity, Microsoft advises organizations to adopt the "zero trust».

microsoft zero trust

In essence this means that organizations must consider that every part of their systems is at all times in risk and explicitly verify the security of user accounts, end devices, network and other resources.

Such as notes ο Alex Weinert, director of identity security at Microsoft, the three main attackers are compromised user accounts, compromised vendor accounts, and compromised software supplier.

Thousands of companies were affected by infringement of SolarWinds, which was unveiled in mid-December. The team hacking known as UNC2452 / Dark Halo, targeted the build environment for the software Orion of SolarWinds.

According to Weinert, the attackers took advantage of gaps in the "explicit verification" of each of the main actors.

"Where user accounts were compromised, known techniques such as password spray, e-fishing (Phishing) or malware for violating user credentials by giving the attacker access to the client network", Writes Weinert.

It claims that cloud-based authentication systems like Azure Active Directory (Azure AD) is more secure than indoor ID systems because the latter does not have cloud-supported protection.

In cases where hackers succeeded, Weinert notes that privileged vendor accounts did not have additional protections such as Multifactor Authentication (MFA), IP bandwidth restrictions, device compliance, or access criteria. Microsoft found that 99,9% of the breached accounts it monitors each month do not use MFAs.

This attack technique could also be prevented if there were stricter permissions on user accounts and Appliances.

"The first principle of the Zero Trust is to explicitly verify that you have extended verification to all access requests, even those from suppliers and especially those from in-house installations."

Weinert admits that invasion at SolarWinds was a "really important and advanced attack", but the techniques they used could be mitigated with these best practices.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...

What are the 6 most known attacks on gaming companies?

A few days ago, the gaming company Big Huge Games informed the players that it was the victim of an attack, which affected its data ...