Q1 2017 Microsoft Security Intelligence Report

Ross MacKenzie
Tags: Cloud Research Microsoft

Microsoft has published the 22nd edition of its Security Intelligence Report, designed to offer its customers and the tech industry as a whole insight into the latest cyber security threats and the best practice solutions available to guard against security breaches.

This particular report was the first to share quarterly data, as opposed to bi-annual figures, giving readers greater visibility into the cyber threat landscape.

Let’s take a look at the main talking points and insight to come out of the Microsoft Security Intelligence Report 2017:

Attackers turning their attentions to the cloud

The fast-growing demand for cloud-based storage and programme accounts has seen cyber hackers turn their attention to consumer and Enterprise Microsoft cloud accounts. In fact, there has been a 300 percent year-on-year increase in cloud-based user account attacks. The vast majority of these attacks have occurred due to easily guessed passwords, phishing attacks and breaches of third-party services. The report implores users to use unique passwords for every single website and never reuse the same passwords across multiple accounts.

The evolution of ‘drive-by download’ sites

The report discusses a new era of drive-by download sites which host one or multiple exploits capable of targeting vulnerabilities in a user’s web browser and browser add-ons. Those with vulnerable computers can experience malware installations just by visiting a website, without even having to download any files. That’s due to drive-by download pages which are hosted on legitimate websites. Users are redirected to these exploited pages secretly and if the exploit succeeds, the malware is downloaded discretely onto the user’s machine. In March 2017, Bing detected 0.17 drive-by download pages per 1,000 web pages within its index.

Ransomware attacks on the rise

The report notes a significant increase in the number of ransomware attacks, including prominent security breaches such as Petya and WannaCry, which contributed to the disabling of tens of thousands of machines across the globe in the first half of 2017. Microsoft noted significant targeting of ransomware attacks across eastern Europe, namely in the Czech Republic, Hungary, Romania and Croatia.

The importance of updating your operating systems

Microsoft subsequently reinforced the necessity of regularly updating operating systems and other software so that the latest patches are installed and operational on your machine. It also highly recommends users to enforce all security policies that control user access to sensitive data, limiting corporate network access to approved users, locations and devices. Finally, the report also warns users from using public Wi-Fi hotspots which could encourage cyber attackers to gain unwarranted access to personal data.

A breakdown of phishing site impressions

As part of the report, Microsoft also gathers data on phishing sites and impressions using ‘phishing impressions’ generated by those who use SmartScreen and are warned about accessing a known phishing site. Although the number of phishing sites in the online service industry declined over Q1 2017, there was still two-fifths (40 percent) of all phishing sites operational within this sector alone; followed by financial sites (37 percent), up six percent during Q1 2017.

The report urges vigilance among businesses of all shapes and sizes, as well as individual users online to minimise the spread of potentially damaging exploits and malware.

Related Articles

Running workloads in the cloud, you’re protected. Are you sure?

Cloud won’t protect from a badly architected solution! In this article I'm focusing on Disaster Recovery.

Read More

Cobweb MD highlights the power of cloud in Cloud Industry Forum webinar

How can UK businesses benefit from a cloud-first approach? Discover what our MD, Michael, has to say...

Read More

The Microsoft Exchange hack – a view from the trenches

10,000s of businesses with Exchange on-prem affected. Is now the time to consider Exchange Online?

Read More

Every Teams announcement you missed from Microsoft Ignite 2021

Learn about the latest features to hit Microsoft Teams in the coming weeks and months.

Read More