Microsoft warned nearly 10,000 customers against attacks by state hackers
Last year, Microsoft claims to have warned nearly 10,000 customers who were the target of so-called nation-state attacks. These are online attacks that are believed to be behind the powers.
The attacks came mainly from Iran, North Korea and Russia, the claim reads. Of the nearly 10,000 attacks, 84 percent targeted business customers and the remaining 16 percent involved consumer personal email accounts. In particular, Microsoft claims to have detected attacks by the Iranian groups Holmium and Mercury, Thallium from North Korea and Yttrium and Strontium from Russia.
Microsoft already announced in 2017 that it would focus more on state attacks. The company uses machine learning to detect attacks, among other things, and the company’s Advanced Threat Protection service said it scanned six billion emails a day at the time.
Not only does Microsoft have attacks from state hackers in its sights, Google has also been sending warnings to Gmail users since 2012 if they appear to be a target. Google gave that feature an update in 2016. In late 2015, Twitter and Facebook announced they would also warn users if they suspect government-backed hackers are trying to gain access to an account.
Microsoft has been offering an AccountGuard service to organizations at high risk of being targeted since August last year. To do this, the company monitors the activity of malicious groups suspected of having states behind it. Microsoft claims to be able to identify patterns of attack campaigns targeting organizations that do not surface when accounts are monitored in isolation. The company focuses on political parties and NGOs, among others, and has expanded the service to 26 countries in the past year. Last year, Microsoft sent 781 notifications about attacks to AccountGuard participants.