New Delhi, March 10 : Alarmed at the massive attack by nation-state threat actors including from China on its business email servers, Microsoft has announced the expansion of its enterprise-grade identity and access management protection service ‘AccountGuard’ to all high-risk members in 31 countries at no additional cost.
Microsoft AccountGuard provides notification about cyberthreats, including attacks by known nation-state actors, in a unified way across both email systems run by organizations and the personal accounts of leaders and staff who opt in.
The company said in a statement on Tuesday that the addition of new features to AccountGuard provides new ways to protect online accounts for political parties, candidates and their staff, health care workers, human rights defenders, journalists and certain other customers who are at greatest risk from nation-state hackers.
“Improving the security of political actors is a critical step to help prevent ‘hack-and-leak’ operations where cybercriminals or foreign governments steal a campaign official’s emails and release them online, which, in turn, can help fuel disinformation campaigns,” said Jan Neutze, Senior Director, Digital Diplomacy.
The announcement came as reports claimed that least five different hacking groups, including one from China, are currently attacking vulnerabilities in Microsoft’s email servers — described by the US government as “widespread domestic and international exploitation” that may affect hundreds of thousands of victims globally.
While Microsoft has already revealed that a Chinese government-linked hacking group known as Hafnium is targeting its on-premises ‘Exchange Server’ software, the MIT Technology Review reported that at least “four other distinct hacking groups are now attacking critical flaws in Microsoft’s email software”.
The Exchange Server is primarily used by business customers. Microsoft has released several security updates to fix the vulnerabilities, advising its customers to install those immediately.
Microsoft said that the company is “working closely with CISA (Cybersecurity and Infrastructure Security Agency), other government agencies, and security companies to ensure we are providing the best possible guidance and mitigation for our customers”.
According to KrebsOnSecurity, at least 30,000 organisations across the US, including government and commercial firms, have been hacked by China-based threat actors who used Microsoft’s Exchange Server software to enter their networks.
The company last week announced the general availability of passwordless authentication solutions for Azure Active Directory (Azure AD), to reduce the risk from phishing and password attacks and give users an easy and convenient way to sign in and access their accounts without the dependency of passwords.