Menu
Theyâre smart. Theyâre dangerous. And theyâre coming for your customers. No, weâre not being dramatic â Nobelium (a notorious cybercriminal group) really does pose a threat, and itâs greater than ever before.
The Russia-sponsored group of hackers has been described by Microsoft as âthe most sophisticated in historyâ â and for good reason. They were behind the SolarWinds cyberattacks in 2020, where they accessed emails in the U.S. Treasury, Justice and Commerce departments. And Microsoft have warned that Nobelium have recently discovered a new technique to attack corporate authentication, which Microsoft have named âMagicWebâ.
Right now, they could be targeting your customers. And Microsoft isnât offering automatic refunds â so if your customers donât have the right security measures in place, they will (quite literally) pay the price.
We can help you keep your customers safe. Our experienced team are ready to share all the ways we can support from: Microsoft access policies to explaining MFA in more detail, contact us today so we can support you.
In the meantime, how can you keep them safe? Hereâs three tips from Westcoast Cloud.
Nobelium hackers are hunting for accounts without multi-factor authentication (MFA) â so a Zero Trust approach is essential. You need to enable MFA across the board, for all your customers and their end users.
It might seem like a lot of work to set up, but you wonât regret it. And most of the time, that extra layer of protection is free of charge for Microsoft users.
On the topic of MFA â emphasise the importance of strong passwords to your customers. They shouldnât just choose any old thing, like âJoeBloggsâ or âpassword123â. Encourage them to choose a password thatâs hard to guess and has a long character length. And most importantly, donât set passwords to expire, as Microsoft now believes this makes end users more vulnerable to hackers.
Global admins have unlimited access to company systems and data â so naturally, these accounts are really appealing to Nobelium hackers. How can you help your customers overcome that danger? The answer is simple: restrict the number of privileged roles.
A good rule of thumb is to shoot for no more than three global admins within the customer Azure portal. There are over 100 other roles that you can assign to users â and you can create custom roles, too! Defaulting to global admin rights for everyone is a terrible â but totally avoidable â idea.
Building on our last point, privileged roles need to be looked after. If youâre assigning them, ask yourself: does this person really need a directory role? How long will they use it for?
Revising your customersâ conditional and least-privileged access policies will help tighten any loose ends. Check audit logs and sign-in logs, and flag accounts that might be compromised. Bear in mind that youâve got a limited time to do that depending on the licencing: Azure AD Premium P1 and P2 customers can track back 30 days, whereas those with the free tier can only track back 7 days.
All in all, the Nobelium threat sounds pretty frightening â and so it should. The need for strong cybersecurity isnât new, and itâs not going anywhere either â especially with hybrid working here to stay. For that reason, security needs to be top-of-mind for everyone: CSPs like us, partners like you, and of course, your customers.
At Westcoast Cloud, we want to help you keep your customers safe. Our team can walk you through all the Microsoft access policies and explain MFA in more detail. If you want to check which end users are operating without MFA, we can help with that too.
We also offer sales and technical support. So, if you fancy selling the Microsoft Defender stack or any other security solutions, our team are on hand to help, every step of the way.
To learn more about protecting your customers from Nobelium, listen to our Cloud Talk podcast or drop us a line at Microsoft@wescoastcloud.co.uk.
Subscribe to receive our communications.
© Westcoast Cloud 2023. All Rights Reserved.