Microsoft Introduces Nation-State Threat Notifications
Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection) will display a notification informing enterprise users that a suspected nation-state threat attack is interfering with its workspace.
Microsoft already notifies thousands of users per year that a nation-state threat actor could be interfering with their network. However, at the moment, alerts are sent via email.
If the Microsoft Defender for Office 365 user doesn’t check their email on the day, they might miss an important notification. Although Defender for Office 365 is primarily an enterprise product, important notifications still slip through the gaps.
The new notifications will appear within the Microsoft Defender for Office 365 dashboard. It will stand a much higher chance of being seen by network administrators, security teams, management personnel, and so on.
Microsoft added the “Potential Nation-State Activity Alerts” to the Office 365 Roadmap on February 6, 2021, and expects the feature to complete the rollout by the end of the month.
What Is a Nation-State Attack?
A nation-state attack is considered one of the most dangerous types of cyberattacks, such is the depth of knowledge and range of resources available to the threat actor.
The recent SolarWinds cyberattack is strongly suspected to be a nation-state attack, such was the level of expertise required to infiltrate such high-level networks. The attack, known as a supply chain hack, compromised multiple targets after remaining dormant in the victim’s networks for months.
But despite how dangerous a nation-state attack sounds and appears, the majority of the time, regular users like you and I are not the targets. Devoting such substantial resources to attacking regular citizens isn’t worthwhile as there are much easier ways to access their data.
As such, nation-state threats usually attack much larger targets such as government offices, major tech companies, national infrastructure, and so on.
