Three Invaluable Tips to Combat Cyberattacks

The threat of cyberattacks is real, and it's more dangerous than ever. Nobelium, a notorious cybercriminal group sponsored by Russia, has been labelled by Microsoft as the most sophisticated hacking group in history. Their track record includes the infamous SolarWinds cyberattacks in 2020, where they infiltrated critical government departments. More recently, Microsoft has warned about Nobelium's new technique called "MagicWeb," which poses a significant risk to corporate authentication.

Your business could be getting targeted right now. And Microsoft isn’t offering automatic refunds – so if you don’t have the right security measures in place, you will (quite literally) pay the price.

At Probrand, we understand the importance of keeping your business safe. Our experienced team are ready to share all the ways we can support from: Microsoft access policies to explaining MFA in more detail, contact us today if you need support.

Meanwhile, here are three essential tips to help you safeguard your business:

1. Never trust, always verify

Nobelium hackers specifically target accounts without multi-factor authentication (MFA), so adopting a Zero Trust approach is critical. Ensure MFA is enabled. Though setting it up may seem like a significant effort, the additional layer of protection is often free for Microsoft users. When it comes to MFA, we cannot emphasise the importance of strong passwords enough. Discourage the use of easily guessable passwords like 'JoeBloggs' or 'password123.' Encourage your employees to choose lengthy, hard-to-guess passwords. Also, avoid setting password expiration, as Microsoft now believes this makes end users more vulnerable to hackers.

2. Limit global admins to three or fewer

Global admins have unrestricted access to company systems and data, making their accounts highly attractive to Nobelium hackers. Help mitigate this risk by restricting the number of privileged roles within your organisation. A good rule of thumb is to limit global admins within the Azure portal to three or fewer. With over 100 other roles available, including the option to create custom roles, assigning global admin rights to everyone automatically is a dangerous practice that should be avoided.

3. Review existing access policies

In addition to limiting privileged roles, it's essential to regularly review and manage access policies. When assigning roles, ask yourself if the person truly needs a directory role and for how long they will require it. Revising your conditional and least-privileged access policies will help eliminate any vulnerabilities. Monitor audit logs and sign-in logs, and promptly identify and address potentially compromised accounts. Keep in mind that the timeframe for tracking back logs depends on the licensing: Azure AD Premium P1 and P2 customers can track back 30 days, while the free tier is limited to 7 days.

Count on us for support

Overall, the Nobelium threat is a serious concern, especially as hybrid working continues to remain prevalent. Strong cybersecurity measures are crucial for everyone involved. At Probrand we offer a full remit of cloud solutions and services. For years we have been supporting our customers in understanding how Azure cloud can deliver comprehensive protection to employees against cyber-attacks, information loss and cyber threat, whilst enabling mobile workforces and safeguarding confidential data. We understand that many organisations lack cloud expertise in their business or are looking to migrate to Azure but don’t know where to start. To help you on your cloud journey, we offer a free Cloud Check-up or Azure Proof of Concept. Get in touch today to arrange yours.