Microsoft’s latest Security Intelligence Report highlights cybersecurity threat data from the first quarter of this year – and it’s available right now for free, at Microsoft.com/sir.
The 22nd volume of the report provides a comprehensive overview of the current threat landscape, made possible thanks to Microsoft’s vast collection of expertise and intelligence across its global network of cloud and on-premise solutions.
One key finding from the report shows that the frequency and sophistication of attacks on both consumer and enterprise accounts in the cloud are growing, with substantial increases in user account hacks and malicious sign-in attempts, and the stealing of online identities.
Microsoft’s Identity Security and Protection team has seen a 300% increase in user account hacks over the past year. Most of these compromises result from weak, guessable passwords, and poor password management. Phishing attacks and breaches of third-party services were also serious problems.
Cause and effect
Cybercrime is expected to cost up to US$3 trillion in lost economic value over the coming years, and examples of attacks have become more and more prevalent in the news in recent times.
The most common, and often least detected form of data breaches, are compromised identities.
In the real world, people can verify who you are in person. Your colleagues, the security guard in your office, your family and friends – they all know who you are, and will happily engage with you, because they trust you.
Online, however, things are trickier. You’re physically separate from interactions, and your online identify is scrutinized hundreds of times daily as you navigate websites, apps, financial services, work emails, document sharing, and much more.
As more and more consumers and businesses embrace digital transformation and embark on their cloud-first journey, online security becomes more crucial. Without a secure online identity, you’ll leave yourself vulnerable to attackers gaining access to your information, and maliciously using it to their advantage.
A total of 63% of data breaches are traced back to compromised identities. In 2016 alone, more than three billion customer data records were breached in a series of high-profile attacks. Often victims have no idea that their online identities were ever involved in illegal acts.
How Microsoft can help
Microsoft operates more than 200 consumer and commercial services around the world. Every month, Microsoft processes 450 billion authentications, scans 200 billion emails for malware and phishing, and oversees the updating of one billion Windows devices – just to name a few examples.
Its partnerships with other companies in the industry, coupled with its proactive approach to help customers limit attacks and protect their identities, allows it to provide the only truly holistic security platform.
Protecting identities with real cyberthreat intelligence requires more data, telemetry and machine learning than most organizations can expect to manage. Microsoft takes the pressure off businesses by translating billions of data points into actionable intelligence for individual customers, alerting administrators to potential threats before they happen, while machine learning and behavioral analytics detect known threats, uncover abnormal activity, and identify advanced persistent threats.
ALSO READ: AI and cybercrime: Good and bad news
Protecting your online identity
Microsoft’s products and services have numerous built-in tools to help ensure that online identities are kept secure, at both a personal and commercial level:
Windows Hello for Business: Microsoft ensures that identity protection takes place at the OS and device level. Windows 10 protects against identity compromises using multifactor authentication. Users can set up a Pin and/or biometric login details (i.e. their face), both of which offer more secure alternatives to traditional network passwords, which are more vulnerable to phishing and password cracking attempts.
Office 365 Secure Score: Email remains a primary tool for scammers trying to trick people into sharing too much information. Office 365 Advanced Threat Protection is a first line of defence against the kind of phishing attacks that are often used to lure users into sharing credentials. Office 365 also offers Secure Score, which, like a credit score, gives administrators a broad assessment of their Office 365 security profile. Secure Score provides a risk assessment and recommendations for mitigating suspicious behavior, like privilege escalations or account breaches that may lead to data loss.
Credential Guard: Built directly into Windows 10, Credential Guard uses virtualization-based security to isolate secrets such as network passwords so that only privileged system software can access them, limiting their ability to be compromised, and reducing the risk of credential theft attacks.
Microsoft Azure Active Directory Identity Protection: This feature provides an overview into risks and potential vulnerabilities before attacks have even occurred, allowing the appropriate policies to be put in place to ensure your organization is well protected ahead of time. Imagine a surveyor pointing out potential weak spots in a bank’s vault and security system, before making recommendations to minimize the risks. Features include password resets and multi-factor authentication – speaking of which:
Azure Multi-Factor Authentication (MFA): Microsoft’s two-step verification solution helps protects access to your data with a simple sign-in process using various methods to confirm your identity. These include automated phone calls, SMS, mobile app notifications and verification codes.
Microsoft Privileged Identity Management: Privileged accounts – accounts which manage IT systems – are often targeted by attackers to gain access to an organization’s data and systems. Microsoft offers the ability to isolate these important accounts to reduce the risk of being exposed to a malicious user.
For more information, please visit the official Microsoft Secure blog post, as well as the infographic below: