![]() ![]() ![]() Cybersecurity and Infrastructure Security Agency, told the Wall Street Journal. ![]() “This is a significant step forward to ensuring that every Microsoft customer has the right visibility to detect other threats that we know are targeting American organizations every day,” Eric Goldstein, executive assistant director for cybersecurity at the U.S. ![]() Other organizations, with lower-tier solutions, had no way of identifying the attack. In this particular case, the State Department used a tool that was only available to Microsoft customers using the company’s highest-tier Microsoft 365 cloud service, known as E5. The incident did speed up the process, though, with Jakkal noting that, “There was clearly an urgency to get this done, given the sophistication of the landscape." Analysis: Why does it matter?Įvent logs cannot prevent cyberattacks, but they are an essential tool in spotting unusual activity on the network, through which IT teams can identify and terminate malicious individuals. Vasu Jakkal, a vice president of security at Microsoft, told the Wall Street Journal that the change didn’t come as a result of the Chinese hack, and that it was in the works for quite some time now. The change is expected to take effect in September 2023. Furthermore, the duration of retention for security logs is being extended from 90 to 180 days. That includes the email log that the State Department used to spot the attack. Now, to better combat similar threats in the future, Microsoft is making 31 critically important security logs available to its customers using cheaper cloud service packages. The attackers were lurking in the emails for roughly a month, during which they managed to access some sensitive data, although it’s impossible to determine the exact scope of the intrusion. Further analysis discovered that a Chinese threat actor, known as Storm-0558, used forged authentication tokens and a stolen Microsoft account consumer signing key to access the inboxes. This follows a June 2023 incident where the US State Department informed Microsoft of an intrusion in its email inbox. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |