Hackers target Microsoft's cloud with massive year on year increase in attacks
2 min. read
Published on
Share this article
Improve this guide
Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more
Microsoft recently released the latest edition of the Microsoft Security Intelligence Report (SIR Volume 22). The Microsoft Security Intelligence Report (SIR) analyzes the threat landscape of exploits, vulnerabilities, and malware using data from Internet services and over 600 million computers worldwide. Threat awareness can help you protect your organization, software, and people.
According to the report, Microsoft’s consumer and enterprise online services experienced a 300 percent increase in cyber attacks over the past year. The sad part is that most of the compromises were because of weak, guessable passwords (eg: 12345678, password123) and poor password management, followed by phishing attacks and breaches of third-party services. Once the account credentials are stolen using phishing techniques, attackers tries to use them on multiple services. This is the reason most online services now advise their users to set different passwords across services. Enterprises can avoid this issue by using multi-factor authentication, implementing solutions for credential protection, risk-based conditional access and more.
Microsoft also revealed that more than two-thirds of incoming attacks on Azure services in 1Q17 came from China and the United States, at 35.1 percent and 32.5 percent, respectively. The third country on that list was Korea with just 3.1%. More than 89 percent of the malicious IP addresses contacted by compromised Azure virtual machines in 1Q17 were located in China, followed by the United States at 4.2 percent. Also, China had one of the highest concentrations of malware hosting sites (45.9 malware hosting sites per 1,000 hosts in March).
Microsoft is trying to improve the online security for its users by various means. For example, Microsoft is enabling Windows Defender Antivirus by default in Windows 10 machines which have no AV installed. Organizations can take advantage of various Microsoft services like Azure Active Directory Identity Protection, Privileged Identity Management, Azure Multi-Factor Authentication (MFA) and Windows Hello for Business to improve the security for their employees.
You can read the full report from Microsoft here.
