Microsoft warns businesses to up their security game against these top threats
Date:
Fri, 04 Nov 2022 13:00:21 +0000
Description:
The 2022 Microsoft Digital Defence Report (MDDR) outlines some of the biggest security, but also offers tips for stopping them in their tracks.
FULL STORY ======================================================================
Microsoft has warned businesses that many still need to up their security protections in order to stay safe from some of the worst threats around right now.
The company has released its annual Microsoft Digital Defence Report (MDDR) for 2022, offering alarming data on the threats such as identity theft , ransomware and phishing attacks that it has seen in the past year.
The report sheds light on a number of nebulous trends with no concrete solutions, such as ransomware-as-a-service replacing the concept of gangs,
and influence operations spreading propaganda surrounding Covid-19 vaccines and the war in Ukraine. Microsoft threat warnings
At a press briefing for the MDDR's launch, Tom Burt, Corporate Vice
President, Customer Security & Trust at Microsoft stated that although
nothing in the report would be unexpected, all of the trends were moving in the wrong direction.
He also said it would be impossible for 2022s MDDR to not focus on the Russia-Ukraine conflict, and rising aggression in the cyber activity of other nation states.
For example, actors from Iran [are] engaging in destructive attacks
especially targeting Israel, and so the increasing willingness of nation
state actors to use cyberweapons for destructive purposes is clearly a worrisome trend, Burt said.
This followed an earlier announcement that Microsoft would be extending its vital, free of charge technology support for Ukraine through 2023.
Burt claimed that, since the Russia-Ukraine conflict began in February 2022, this support has involved giving several of its ministries a cloud backup presence and signing signatures for seven or eight generations of malware entering their systems.
Burt also re-emphasized the reports claims that the threat of ransomware continues to grow, and that perpetrators are becoming more brazen in
attacking nation states. TechRadar Pro has reported on several ransomware campaigns targeting healthcare , government , and education organizations in the past, putting sensitive patient, citizen, and child data at risk.
But Microsoft notes that, in some cases, ransomware attacks can have much
even more damaging implications. The MDDR gives the example, among others, of Costa Rica being forced to declare a national emergency, after hospitals were shut down and tax collection was halted following a ransomware attack in May 2022.
The report explains that an increase in ransomware attacks can be linked to ransomware-as-a-service becoming the dominant model, making it even easier
for threat actors to launch attacks as the barrier for entry is lowered to unskilled clientele who simply pay for access to existing tools. Microsofts security advice
According to the data, 99% of all ransomware attacks attempt to tamper with discovered security and backup products using OS-built tools.
Microsoft also found that ransomware attacks continue to utilize compromised account data, such as passwords , to succeed. 75% of all attack signals used acquired elevated compromised user accounts to spread malicious payloads. The same percentage of attacks also used admin tools to succeed.
In a section titled Cyber Resilience, Microsoft claims that 100% of all attacks that it recorded used stolen credentials, including but not limited
to passwords.
It positions securing credentials using techniques such as multi-factor authentication (MFA) as one of the most important things an organization can do for its security posture.
Switching to new credential techniques can present its own security posture issues. The MDDR discusses MFA fatigue. Here, attackers with no access to a system repeatedly make account access requests, and rely on the real owners
of those accounts growing frustrated and accepting the request so the notifications go away.
Microsoft notes that this can be thwarted via the adoption of non-intrusive authenticator apps that dont rely on notifications, but temporary codes
served via the app. These apps include Microsoft Authenticator, in addition
to Google Authenticator and Twilios Authy, all of which are free. Zero Trust approach
Microsoft also uses this year's MDDR to advocate for a Zero Trust approach to security. Zero Trust environments assume that any employee in an organization can pose a threat, and is fast becoming the cross-industry standard.
Beyond MFA, the company outlines other strong Zero Trust practices such as verifying users and devices before allowing access to resources, giving that access the minimum level of privilege required, and always assuming that systems have been breached, necessitating constant monitoring for attacks.
The MDDR claims that basic security hygiene protects against 98% of all attacks, so while Zero Trust is inconvenient, it is absolutely necessary for organizations in the modern age to survive. Microsofts security services
Naturally, Microsofts own report also boasts of its own ability to monitor threats, and how that positions it as the company best positioned to offer solutions to counter them.
We work to make sure that were providing advice to the readers, our customers and others on the internet as to the best steps that can be taken to protect against ongoing risks and those that represent new trends, Burt said of the MDDR.
Microsoft suggests throughout the MDDR that organizations implement a number of its products into its tech stack to protect against and deal with threats, such as its Security Service Line for support throughout a ransomware attack, and Microsoft Defender for Endpoint for cloud-based protection. Heres our
list of the best cloud firewalls right now
======================================================================
Link to news story:
https://www.techradar.com/news/microsoft-warns-businesses-to-up-their-security -game-against-these-top-threats/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)