Last Thursday, Microsoft confirmed the breach of its systems, saying: It had found malware in its systems related to the massive hacking campaign that targeted the US Treasury and other federal agencies, adding a large technical target to a growing list of government agencies that have been attacked.
Hackers managed to break into the software company SolarWinds and then spread an update containing malware for the Orion platform; In order to infect the networks of several government agencies and US companies, including Microsoft, whose Outlook email application was hacked.
In addition, Microsoft confirmed that hackers had been able to penetrate some of its Microsoft Azure cloud services, and the company was able to isolate and remove malware from its systems, and at the same time confirmed that it did not find any indications that its systems had been used to attack others.
As a result, Microsoft released a post on its website containing instructions on how organizations can enhance their digital security to avoid similar attacks.
If you have Outlook Personal Mail or use it at work on a Microsoft 365 service, you must ensure it is better secured to protect your data:
1- Activate the two-factor authentication feature:
Activating two-factor authentication (2FA) is the best way to help you secure your Microsoft 365 account from hacking and stealing your login data. According to the US Cybersecurity and Infrastructure Security Agency, this feature will basically add an extra layer of security to log into your account. Where you must enter your password along with the verification code that was sent to your phone or that you access through an authentication application.
to do this. Follow next steps:
- Sign in to the Microsoft 365 service with your Microsoft account.
- Click the Advanced security options tab.
- Activate the option of two-factor authentication (2FA) and then follow the instructions to associate your personal phone number with your service account.
Note: If you prefer to use an authenticator app, you can use the Microsoft Authenticator app, available for free on Google Play or the App Store, which gives you a unique code to enter that expires after a certain period of time.
2- Password protection:
Do not use the same password for multiple accounts, as you can use a password manager application, such as: NordPass to keep track of all your passwords and create strong and unique passwords as well, and if you do not want to use an application for that, you must make sure to choose a password Strong passphrase consisting of at least eight numbers and containing various symbols.
3- Avoid phishing messages:
If you receive an email about the security of your Microsoft account, this message is often one of the phishing scams trying to exploit the latest attack to hijack your data, so avoid clicking on any URLs included in the message.
The best way to avoid such messages is to know how to spot them, so look for spelling errors within the messages or check the sender address or the attached link that often contains the word (Microsoft), such as: microsoftsupport.ru or micros0ft.com, so if you find anything Looks fishy, just delete it or report it by forwarding the message to the Anti-Phishing Working Group at [email protected].
4- protect your apps:
Whether on your smartphone or computer, only install applications from trusted sources, such as: the official application store, and if you use the (Microsoft 365) service, then using Microsoft’s applications to access your account in the service is the most secure option, and you should also make sure By updating all applications as well as your operating system, as these updates fix the vulnerabilities that are discovered.
5- Account recovery data always updated:
Make sure that your account recovery can be easily and easily accessed in the event that it is hacked, and to do so, go to Microsoft’s Security Basics page, and add other information, such as: an additional email address and phone number, and make sure you update this information regularly to keep your account secure.