The United States formally named the Russian Foreign Intelligence Service (SVR) as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. These attacks continue in Microsoft 365 (M365)/Azure environments. Read more at https://us-cert.cisa.gov/ncas/alerts/aa21-008a.
The best way to minimize the risk of a compromise is through Multi-factor Authentication for all users, eliminating admin rights on employee accounts, implement Cloud App Security for monitoring and implement routine cyber security training for employees!
Bob McCool
President
Ariel IT Services