"Microsoft to Alert Enterprise Security Teams When Nation-State Attackers Target Their Employees"
Microsoft will be introducing a new security alert that will notify enterprise security teams when an employee is being targeted by suspected nation-state attackers this month. The Microsoft Threat Intelligence Center follows these threats, builds comprehensive profiles of the activity, and works closely with all Microsoft security teams to implement detections and mitigations to protect their customers. The notification will appear in Microsoft Defender's dashboard for Office 365, a cloud-based email filtering service that protects enterprise Office 365 users against advanced and targeted threats (e.g., BEC, credential, and phishing). This will allow security teams to immediately start with remediation actions independently of the targeted user, who will also receive an email alert but might not see it or react to it with the required haste. The new feature might be a direct consequence of the recent SolarWinds hack. The attackers, who are believed to be government-backed, have also compromised some of the company's Office 365 email accounts (though that was not the initial attack vector).