How Microsoft cloud computing operations foil – and learn from – cyberattacks
By Allison Linn
At any point in time on any day of the week, Microsoft’s cloud computing operations are under attack: The company detects a whopping 1.5 million attempts a day to compromise its systems.
Microsoft isn’t just fending off those attacks. It’s also learning from them.
All those foiled attacks, along with data about the hundreds of billions of emails and other pieces of information that flow to and from Microsoft’s cloud computing data centers, are constantly being fed into the company’s intelligent security graph.
It’s a massive web of data that can be used to connect the dots between an email phishing scam out of Nigeria and a denial-of-service attack out of Eastern Europe, thwarting one attack for one customer and applying that knowledge to every customer using products including the company’s Azure computing platform, Windows 10 operating system or Office 365 productivity service.
Those security threats have heightened substantially in recent years, as criminals have built lucrative businesses from stealing data and nation states have come to see cybercrime as an opportunity to gain information, influence and advantage over their rivals. That’s led to potentially catastrophic attacks such as the WannaCrypt ransomware campaign that’s made headlines in the past few weeks. This evolving threat landscape has begun to change the way customers view the cloud.
“It was only a few years ago when most of my customer conversations started with, ‘I can’t go to the cloud because of security. It’s not possible,’” said Julia White, Microsoft’s corporate vice president for Azure and security. “And now I have people, more often than not, saying, ‘I need to go to the cloud because of security.’”