Post by Kevin Peesker, President, Microsoft Canada
The COVID-19 pandemic has generated an unprecedented level of online activity, as millions of Canadians work and study remotely, using digital tools to stay connected with family, friends, and colleagues. With this shift, it’s important to ensure we’re doing everything possible to protect ourselves against cyberthreats and attacks. The number of potential targets for threat actors has never been higher – and we’re seeing troubling new data indicating that we must now be more vigilant than ever when it comes to protecting ourselves, our devices and our networks.
Microsoft’s recent Digital Defense Report finds that threat actors have significantly increased the sophistication of their methods over the past year, making them harder to spot as they threaten even the most well-protected targets. Microsoft scans 8 trillion signals per day and in 2019 alone, Microsoft blocked over 13 billion malicious and suspicious mails out of which, more than 1 billion were to launch phishing credential attacks. But now – in an increasingly vulnerable climate fueled by the pandemic – we’re seeing attackers use new reconnaissance techniques to increase their chances of compromising high-value targets. In fact, one-third of Canadian businesses say they’ve been targeted by a COVID-19-related cyberattack, according to a recent survey from Canadian Internet Registration Authority (CIRA).
Cybercriminals are now operating from the cloud, where they can hide among legitimate services and focus on “credential harvesting” by posing as a brand to trick users into providing access to their logins, passwords or security question answers. In addition to this, attacks on Internet of Things (IoT) devices are also evolving with the first half of this year seeing an approximate 35 per cent increase in total attack volume compared to the second half of 2019.
A survey of Canadian businesses recently conducted for the federal government finds that more and more business owners and managers are the ones handling cybersecurity in their company, instead of investing in a dedicated IT lead or third-party security vendor. Forty-two per cent of companies say they don’t believe they are a target for a cyberattack, and there is declining diligence in keeping security software up to date and using multi-factor authentication (MFA) for access. The Microsoft Digital Defense Report shows that enabling MFA would single-handedly prevent the vast majority of successful cyberattacks.
While it’s critical for organizations to stay up to date on their cybersecurity practices, we also realize the importance of hardware security. Windows 10 is the most secure version of Windows ever built with end-to-end security right from the cloud to the hardware itself. With innovations such as System Guard and Windows Hello, we are always improving on our protections to ensure that we are keeping pace with the threat landscape. To build on this, today, we announced the Microsoft Pluton security processor, in collaboration with our leading silicon partners AMD, Intel, and Qualcomm Technologies Inc. Complete with chip-to-cloud security technology, this processor brings even more protection and security advancements to future Windows PCs. This will allow us to bring security right to the core of the PC, built into the CPU with hardware and software being more integrated and protected than ever before.
But as we all know, security is not a one-stop shop. It is not just a matter of hardware or software; it’s the combination of both from identity to protection to defense. To learn more about today’s announcement and read more about our security solutions, please visit the Microsoft Security Blog.