Vade Secure comment on Microsoft email cyber attacks
Following the news that Microsoft accuses China over email cyber-attacks, Adrien Gendre chief product and services officer at Vade Secure comments the following:
“This latest attack on Microsoft is a continuation of the supply chain attacks that have been rampant since the SolarWinds breach last year. Microsoft 365’s prominence in the market and customer base makes it extremely attractive and lucrative to cybercriminals.
The victims in this case—medical researchers and defense contractors—not only offer state secrets but a supply chain of their own, which could be even more lucrative than the original victims. With a quick MX record search, a cybercriminal can see the domains of the email security vendors protecting those businesses and then reverse engineer the solutions to bypass them. If you’re using Microsoft 365, your email security vendor needs to be invisible, inside Microsoft 365 via API, instead of on the outside like a gateway”.