Key takeaways from the Q1 2017 Microsoft Security Intelligence Report
Microsoft has published the 22nd edition of its Security Intelligence Report, designed to offer its customers and the tech industry as a whole insight into the latest cyber security threats and the best practice solutions available to guard against security breaches.
This particular report was the first to share quarterly data, as opposed to bi-annual figures, giving readers greater visibility into the cyber threat landscape.
Let’s take a look at the main talking points and insight to come out of the Microsoft Security Intelligence Report 2017:
Attackers turning their attentions to the cloud
The fast-growing demand for cloud-based storage and programme accounts has seen cyber hackers turn their attention to consumer and Enterprise Microsoft cloud accounts. In fact, there has been a 300 percent year-on-year increase in cloud-based user account attacks. The vast majority of these attacks have occurred due to easily guessed passwords, phishing attacks and breaches of third-party services. The report implores users to use unique passwords for every single website and never reuse the same passwords across multiple accounts.
The evolution of ‘drive-by download’ sites
The report discusses a new era of drive-by download sites which host one or multiple exploits capable of targeting vulnerabilities in a user’s web browser and browser add-ons. Those with vulnerable computers can experience malware installations just by visiting a website, without even having to download any files. That’s due to drive-by download pages which are hosted on legitimate websites. Users are redirected to these exploited pages secretly and if the exploit succeeds, the malware is downloaded discretely onto the user’s machine. In March 2017, Bing detected 0.17 drive-by download pages per 1,000 web pages within its index.
Ransomware attacks on the rise
The report notes a significant increase in the number of ransomware attacks, including prominent security breaches such as Petya and WannaCry, which contributed to the disabling of tens of thousands of machines across the globe in the first half of 2017. Microsoft noted significant targeting of ransomware attacks across eastern Europe, namely in the Czech Republic, Hungary, Romania and Croatia.
The importance of updating your operating systems
Microsoft subsequently reinforced the necessity of regularly updating operating systems and other software so that the latest patches are installed and operational on your machine. It also highly recommends users to enforce all security policies that control user access to sensitive data, limiting corporate network access to approved users, locations and devices. Finally, the report also warns users from using public Wi-Fi hotspots which could encourage cyber attackers to gain unwarranted access to personal data.
A breakdown of phishing site impressions
As part of the report, Microsoft also gathers data on phishing sites and impressions using ‘phishing impressions’ generated by those who use SmartScreen and are warned about accessing a known phishing site. Although the number of phishing sites in the online service industry declined over Q1 2017, there was still two-fifths (40 percent) of all phishing sites operational within this sector alone; followed by financial sites (37 percent), up six percent during Q1 2017.
The report urges vigilance among businesses of all shapes and sizes, as well as individual users online to minimise the spread of potentially damaging exploits and malware.
You can download a copy of the Microsoft Security Intelligence Report, volume 22, from the Microsoft website, and if you’d like more information about enhancing security for your business, call any of the Cobweb team on 0333 0095 5941, or you can email firstname.lastname@example.org and one of the team will call you back.