Last month, we offered our customers a free 30-day trial of Huntress Managed Identity Threat Detection and Response (ITDR) software.
It’s clear just how crucial and necessary strong ITDR is for every business.
Managed ITDR provides 24/7 monitoring and response for Microsoft 365 email accounts. It combats session hijacking, credential theft, malicious inbox and forwarding rules, business email compromise, and account takeover attempts.
During the 30-day trial period, our cybersecurity platform analysed 15,523,371 Microsoft 365 events. This identified any potential threats to our Microsoft 365 users or environments. Out of those events, there were 305 Microsoft 365 signals detected through automated and human analysis.
Our security analysts dug a bit deeper to manually investigate 25 signals that were suspicious in nature. Those investigations led to 18 Microsoft 365 incident reports, which required remediation of compromised users by our security team. In these cases, users had been compromised or were at significant risk. Immediate action was necessary to prevent attackers from gaining access or causing further harm.

One of the most concerning patterns that we observed during the free trial was an uptick in seemingly harmless files being renamed as Remote Monitoring and Management tools to gain access to endpoints. These tools are normally used by IT teams for support and maintenance. However, once in the wrong hands, they can provide direct access to endpoints. Once attackers successfully installed these disguised tools, they wasted no time in establishing persistence. From there, they immediately attempted lateral movement. They spread quietly from one device or account to another in search of sensitive data or privileged access. These early actions are tell-tale signs of a more serious, coordinated intrusion attempt. They show just how vital ITDR is as a part of your cyber security defence.
Using strong two-factor authentication mechanisms, along with keeping basic security hygiene in place (like turning on logging), goes a long way towards defending against attacks like these.
As an integral and widespread productivity suite, Microsoft 365 is a high-profile and high-value target for threat actors. Managed ITDR can detect unusual login patterns, suspicious email rules, and hallmarks of identity-based attacks. When a potential attack is detected, the alert isn’t left to automated systems alone. A security analyst reviews the activity, and an incident report with clear remediation steps is created, so the threat can be contained immediately.
If you are serious about improving your cybersecurity, then ITDR is a must-have. Whether you are a small or large business, you are at risk: cyberattacks are not just a risk for large corporations. Small and medium-sized businesses are increasingly being targeted because their defences are often easier to bypass. Many are suppliers to the larger corporations, and the supply chain is often a prime target. Hackers are not bothered about the size or sector. Identities have become the primary target for cyber attackers looking to gain unauthorised access to sensitive systems, customer data and financial information.
The cyber security landscape is constantly changing and at Fifteen Group, we are committed to keeping up with cyber attackers to better protect our customers. We have partnered with industry leader Huntress to enhance identity protection.
Even if you think you have adequate cyber security, like antivirus, this simply won’t cut it in today’s world of ever-evolving cyber threats.
Our cybersecurity team deliver cyber solutions that bolster your defence and provide you with peace of mind that your organisation is safe.
From ITDR and EDR to Cybersecurity Awareness training and Cyber Essentials, we have you completely covered.
Contact us today.