Cybersecurity Alert: Microsoft 365 Vulnerability Leads to US Treasury Breach

State-backed hackers use Microsoft 365 vulnerability to breach US Treasury

Reuters reported over the weekend that foreign state-backed hackers have breached Microsoft 365 accounts at the US Treasury Department, using their access to secretly monitor email accounts and email exchanges between the US Treasury and the National Telecommunications and Information Administration. The attack was extremely sophisticated and was able to bypass Microsoft’s authentication controls.

Microsoft has released guidance for how organizations can bolster security to attempt to avoid these attacks, and we suggest having your IT provider take a look at this document and make sure your organization is following the recommended best practices. In addition to Microsoft’s recommendations, here are 3 tools and tips to help protect both personal and business accounts from cybercriminals:

1) Set up Two-Factor Authentication (2FA)

Two-factor authentication is the one tool that provides the highest ROI in terms of protecting your accounts from unauthorized access. Microsoft has said that 2FA can prevent 99% of automated attacks on Microsoft 365 accounts, and a recent Symantec study found that 2FA would have prevented up to 80% of data breaches (of all types). If your organization is not currently securing all employee accounts with 2FA, then implementing it should be your top priority. You can also set up 2FA for most of your critical personal accounts (like online banking) in just a few minutes. In general, we recommend using an app-based solution like Duo or Google Authenticator rather than SMS-based text messages for both business and personal accounts. If you’d like to learn more about 2FA, you can check out our One-Minute Wednesday episode on how it works.

2) Improve your password hygiene

Never use the same password twice—if your password becomes compromised in a data breach, cybercriminals can (and will) attempt to use it on all your other accounts. For personal accounts, we recommend using a password manager (like LastPass) to help you 1) keep track of all your unique passwords and 2) create highly-complex, strong passwords. Good passwords should avoid using common words, uses as many characters as possible, and includes a variety of different character types (uppercase, lowercase, numbers, and special characters).

For business accounts, the best practice would be to implement Single Sign On, which allows you to use a single master username and password to access all your business applications, and then protect it with Two-Factor Authentication. You can learn more about SSO by checking out our recent article on it.

3) Learn to spot phishing scams

If you get an email claiming that one of your accounts has been breached and you need to login immediately, it is probably a phishing scam. Phishing is a type of attack where cybercriminals impersonate a person or organization you trust in an attempt to trick you into providing personally-identifiable information (PII) like passwords or credit card numbers. Phishing emails normally include a link to a malicious website or attachment.

The best way to avoid getting compromised is to know how to spot phishing emails. They often have misspelled words, involve a slightly misspelled website like (like microsoftsupport.ru or microsft.com), or include an urgent call to take action immediately. You can learn more about how to spot phishing emails by checking out one of our One-Minute Wednesday episodes on phishing. If you receive an email that seems suspicious, either delete it or forward it to the Anti-Phishing Working Group at phishing-report@us-cert.gov.

About TechMD

TechMD is an award-winning IT services firm that specializes in managed IT services in Orange County and Los Angelesmanaged cybersecuritycloud solutions, and strategic IT consulting. We are passionate about bringing enterprise-level productivity, scalability, and security to small and medium businesses.

Share:

Subscribe to TechMD Insights

More Posts

Executive Chat: Essential Cybersecurity Insights

In the third episode of the TechPulse Executive Chat series, the TechMD leadership team highlights the ever-evolving cybersecurity challenges for business leaders and the essential measures needed to keep your valuable data and networks safe.

Top 5 Warning Signs Every Business Should Watch For

Email Breach Signals: Top 5 Warning Signs Every Business Should Watch For

Microsoft 365 and Google Workspace are two of the most widely used cloud platforms for business, yet cyber criminals continue to break in undetected with relative ease. A large majority of cyberattacks start when someone clicks a link in an email that they shouldn’t, so organizations must stay vigilant for clues that cybercriminals are planning an attack. Today we’re going to share the top five warning signs of an email break-in.

Tech Pulse Executive Chat: 2024 Threats Opportunities

Executive Chat: 2024 Threats & Opportunities

In this impactful video from TechPulse, join TechMD’s executive team as they offer insights on how leaders can leverage the looming revolution to alter their trajectory for the better. Get top tips for business operators in 2024 from the experts.

Skip to content