Microsoft details how it defends against persistent attackers

With cyber threats on the rise, Microsoft has been working to neutralize them by introducing new security initiatives at regular intervals. It was for this very reason that Microsoft recently killed the RC4 cipher. The Microsoft Malware Protection Center has been keeping an eye on activity groups, and the most challenging of them in recent times has been the group internally code-named “Strontium”.

Unlike most other attacks, such as ransomware, Strontium focuses on obtaining sensitive information that can potentially be traded at a relatively high value. The group has been targeting journalists, political advisors and organizations that are highly relevant to governance. Since these targets are secured with high-end firewalls and other security features, the group works efficiently at an organizational level.

Strontium employs spear-phishing tactics and targets the individual via highly customized messages associated with a credible email provider. The emails show a high level of accuracy, speaking of upcoming events or conferences. As mentioned earlier, Strontium thrives on the power of information; it gathers information from individuals by installing malware, which is delivered as the payload of a malicious attachment.

Within no time, Strontium strikes back and takes advantage of a vulnerability for which a patch from the software vendor is still awaited, also referred to as a zero-day exploit. Strontium is platform agnostic, which means that it is not just Windows machines that are at peril but other operating systems as well.

The best way to avoid such attacks, says Microsoft, is to keep your system updated at all times and, if you are a software vendor, to make sure the patch for a loophole is deployed as soon as possible. It would also be helpful if potential targets were warned of the impending dangers of social engineering. Multi-factor authentication methods can also act as a savior in case of such attacks.

Mahit Huilgol has been using Windows on PC and mobile for a long time. He has been following Microsoft developments from close quarters and loves writing about them.
