Cybercriminals see red as Microsoft hacks for good

Businesses in the Middle East and Africa are key targets for cyber attackers.

Data published by PwC in 2016 suggested that Middle East businesses were considerably more likely to suffer from cybercrime than the global average. Even though increased awareness and investment saw attacks in the United Arab Emirates (UAE) decline during the first half of 2018, cybercriminals still managed to steal close to Dh4 billion from victims in 2017, while the average amount of time consumers in the UAE lose dealing with online crime is rising steeply.

Businesses in South Africa are also falling victim to repeated ransomware attacks, with more than half of them hit by ransomware in 2017, according to a survey by Sophos. Further north, Kenya has been targeted by hackers in several major attacks over the past couple of years.

Hackers are increasingly taking advantage of “low-hanging fruit” as the cost of circumventing security measures goes up. Botnets continue to impact millions of computers globally, infecting them with old and new forms of malware, while ransomware continues to be a popular method used by cybercriminals to solicit and, in several cases, successfully obtain money from victims.

“We continue to see high profile cyberattacks land in the headlines around the world,” says David Weston, principal security group manager at Microsoft, who leads the Device Security and Offensive Security Research team, also known as the Red Team.

“Cryptocurrency mining, ransomware and other scareware are reaching new levels of sophistication.”

Microsoft’s own Red Team

Despite the continuous cybersecurity threats, only 33 percent of organisations have a cyber-incident response plan in place, and most companies are still not adequately prepared for, or do not even understand, the risks they face.

For this reason, Microsoft is committed to helping businesses secure their environment and protect their customers. One way the company is working to achieve this is through its Red Team, led by Weston, who is visiting the Middle East this month.

“The Red Team operates like the world’s most sophisticated attackers: Gathering intelligence about their target, finding strings of vulnerabilities and then building the most refined exploits,” explains Weston. “Once their attack is complete, they work with their colleagues to identify and build disruptors to block the attack.”

The idea came about when Weston was at a hacking competition known as Pwn2Own and noticed a pattern at many companies, including Microsoft: they released software to the public, and then hackers would attack it. The so-called “white hats” would tell these companies about the vulnerabilities they found, but the “black hats” found and exploited these vulnerabilities themselves.

Weston says, “I knew we needed to be more aggressive in our approach, so I devised a plan: Disrupt this cycle by creating a team of internal hackers at Microsoft who would mimic the tactics and techniques of the most advanced hackers. Their goal would be to attack Windows 10 and its apps to make them better – to find and fix the toughest vulnerabilities before the bad guys.”

The Red Team’s advanced threat protections identify nearly a billion threats per day across endpoints. This helps Microsoft stay ahead of the game as hackers become increasingly sophisticated.

The impact of AI and cloud on cybersecurity

Weston also highlights the impact of artificial intelligence (AI) on security.

“AI is filling critical gaps in cybersecurity,” he explains. “It will continue to advance cybersecurity; improve efficacy, detection and response; and bring us closer to being truly predictive and preventing attacks before they even occur.”

However, cybercriminals will continue to advance and adapt, just as the industry continues to advance and adapt. For this reason, businesses are being urged to move to the cloud, adopt modern platforms, and embrace comprehensive identity, security and management solutions.

“Most businesses aren’t as prepared as they could be. We can all do better, and that’s why we believe cloud is a security imperative to secure today’s modern workplace,” says Weston.

The Red Team is making inroads to ensure Microsoft software is as secure as possible for its customers. However, businesses in the Middle East and Africa that are embracing digital transformation to remain relevant in their markets should prioritise four key initiatives to ensure they are secure: implementing cyber resilience strategies; developing cybersecurity skills; protecting data privacy; and integrating cyber risk.

“At Microsoft, we recommend that everyone must be proactive in their cybersecurity efforts. Better protection equals better prevention, detection and remediation,” says Weston.
