Microsoft is closing the book on its internal investigation of the now infamous SolarWinds phishing attack that’s affected hundreds of US companies. While it had been identified early on that the nation-state attack first wormed its way in through Microsoft’s Outlook service as a well-planned phishing attack, the company defended its products by reassuring its customers that none of its services were used to directly attack others.
Not only has Microsoft’s internal investigation reaffirmed the claim, but it also allows the company to boast that “there was also no evidence of access to our production services of customer data.”
After a figurative pat on the back, Microsoft does advise that going forward its clients and customers adhere to a few fundamental changes to their approach to security.
First, “Adopt a Zero Trust mindset,” which Microsoft describes as “all activity–even by trusted users–could be an attempt to breach systems.” Second, embrace the cloud. This is perhaps initially counter-intuitive given the way the SolarWinds attack spread, but Microsoft believes that by embracing the cloud, companies can “layer up” on security, leveraging real-time advancements in threat protection from cloud service providers such as itself.
The not-so-subtle plug for Azure by Microsoft does have its merits, dovetailing into the company’s last suggested approach to security, which is to “strengthen the community of defenders.” Embracing the cloud also helps a business more quickly crowdsource security solutions, and Microsoft would like it if more companies would soften to the idea.
Ultimately, the approach to security comes down to businesses’ own core competency with the latest threat analysis. Obviously, Microsoft would love for companies to double up on security by making use of Azure and Microsoft 365 Defender, but it’s a big unsecured world out there, and it seems at this point the company would simply settle for its clients being more proactive about potential online threats.