Microsoft 365 Copilot Studio agent authentication modified


Goal

Detect when an M365 Copilot Studio agent's policy is changed so that users are no longer required to authenticate before interacting with it. An unauthenticated agent accepts interaction from any user, which can lead to misuse of the agent's AI functions and to attempts to make the agent reveal sensitive information or perform tasks it has access to on an attacker's behalf.

Strategy

Monitor Microsoft 365 audit logs for successful BotUpdateOperation-BotAuthUpdate events (the @Operation field) within the PowerPlatform service.

Triage and response

  1. Identify the user who took the action, {{@usr.id}}, the bot application in the value of powerplatform.analytics.resource.bot.id, and the updated authentication-related values. The property collection includes the following fields for determining what changed: AuthRedirectUrl, AuthenticationConnection, AuthenticationMode.
  2. Determine whether {{@usr.id}} was expected to change the authentication method for this bot.
  3. If the setting change was unintended or unauthorized interactions occurred, investigate surrounding events for anomalous activity. If necessary, initiate your company’s incident response (IR) process.
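The following is an added example, not part of this rule page or of Datadog's own rule logic: it applies the strategy above (successful BotUpdateOperation-BotAuthUpdate events in the PowerPlatform workload) to constructed audit records and pulls out the three triage fields from the property collection. The record layout, the UserId/BotId field names and the AuthenticationMode values ("NoAuth", "Integrated") are assumptions for the example and should be checked against records from your own tenant.

```python
import json

# Constructed sample records (not real data). Operation, Workload and
# PropertyCollection follow the unified audit log; UserId/BotId naming and the
# AuthenticationMode values are assumptions for this example.
SAMPLE_AUDIT_LOG = "\n".join(json.dumps(r) for r in [
    {"Operation": "BotUpdateOperation-BotAuthUpdate", "Workload": "PowerPlatform",
     "ResultStatus": "Success", "UserId": "alice@example.com", "BotId": "bot-0001",
     "PropertyCollection": [{"Name": "AuthenticationMode", "Value": "NoAuth"},
                            {"Name": "AuthenticationConnection", "Value": ""},
                            {"Name": "AuthRedirectUrl", "Value": ""}]},
    {"Operation": "BotUpdateOperation-BotAuthUpdate", "Workload": "PowerPlatform",
     "ResultStatus": "Success", "UserId": "bob@example.com", "BotId": "bot-0002",
     "PropertyCollection": [{"Name": "AuthenticationMode", "Value": "Integrated"},
                            {"Name": "AuthenticationConnection", "Value": "entra-conn"},
                            {"Name": "AuthRedirectUrl", "Value": "https://example.com/cb"}]},
    {"Operation": "BotUpdateOperation-BotAuthUpdate", "Workload": "PowerPlatform",
     "ResultStatus": "Failed", "UserId": "eve@example.com", "BotId": "bot-0003",
     "PropertyCollection": [{"Name": "AuthenticationMode", "Value": "NoAuth"}]},
    {"Operation": "BotUpdateOperation-BotCreate", "Workload": "PowerPlatform",
     "ResultStatus": "Success", "UserId": "alice@example.com", "BotId": "bot-0004",
     "PropertyCollection": []},
])

AUTH_FIELDS = ("AuthRedirectUrl", "AuthenticationConnection", "AuthenticationMode")
NO_AUTH_MODES = {"NoAuth"}  # assumed value; confirm against your tenant's records


def detect(ndjson: str) -> list[dict]:
    """Return one finding per successful PowerPlatform BotAuthUpdate event."""
    findings = []
    for line in filter(str.strip, ndjson.splitlines()):
        rec = json.loads(line)
        if (rec.get("Operation") != "BotUpdateOperation-BotAuthUpdate"
                or rec.get("Workload") != "PowerPlatform"
                or rec.get("ResultStatus") != "Success"):
            continue
        # Flatten the Name/Value property collection to the fields triage needs.
        props = {p["Name"]: p.get("Value", "") for p in rec.get("PropertyCollection", [])}
        auth = {k: props.get(k, "") for k in AUTH_FIELDS}
        # Removing authentication entirely is the case the rule's goal describes.
        severity = "high" if auth["AuthenticationMode"] in NO_AUTH_MODES else "medium"
        findings.append({"user": rec.get("UserId", "?"), "bot_id": rec.get("BotId", "?"),
                         "auth": auth, "severity": severity})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_AUDIT_LOG):
        print(f"[{f['severity']}] {f['user']} changed auth on {f['bot_id']}: {f['auth']}")
```

The failed update and the unrelated BotCreate operation are deliberately ignored, so only the two successful authentication changes surface for triage.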