Microsoft’s 23rd volume of its annual Security Intelligence Report is now available for download. The report’s conclusions are based on the analysis of threat trends over the past year in both on-premise and cloud services, drawing from hundreds of thousands of attacks on over a billion devices. The release announcement highlights several prominent attack types.
Malware propagating through massive botnets continues to infect millions of devices and IP addresses worldwide. Microsoft points to their takedown of major botnet Gamarue in November 2017 as the reason for a 30% reduction in infected devices since.
Additionally, “Low-hanging fruit” style attacks like phishing continue to be profitable for malicious actors. The tactic, unfortunately, makes a lot of sense: as security software continues to strengthen, human wetware remains vulnerable. To help counter this, Microsoft’s recent addition to Office 365 Threat Intelligence, the Attack Simulator, allows you to test your users’ susceptibility by simulating phishing, password spraying, brute forcing, and other attack types on their accounts.
Thirdly, ransomware continues to be profitable and prevalent, often attacking far faster than IT departments can respond. Three major outbreaks of ransomware struck in the past year—WannaCrypt, Petya/NotPetya, and BadRabbit, crippling hospitals, transportation, and traffic systems all over the globe. Long before ransomware strikes, Microsoft recommends backing up data to preemptively deny any power ransomware might otherwise have.
In the face of these threats, Microsoft advises keeping security practices up-to-date and well maintained. Microsoft’s Secure Score provides a quantitative way of monitoring the state of your security, but keeping that score high involves a variety of time-consuming and easily-forgotten tasks. Recognizing this, Cayosoft has built a set of free analytics and reporting tools designed to not only help you maintain your Secure Score but improve it.