Q1 2017 Microsoft Security Intelligence Report

Categories: Security & Backup

Microsoft’s Q1 2017 Security Intelligence Report is the 22nd edition of the report.

Produced to update customers and those in the tech industry itself on current cyber security threats and the solutions available to protect against breaches, this particular report uses quarterly data rather than bi-annual figures to give even greater visibility into the cyber threat landscape.

Key takeaways from the report are summarised below:

300% year-on-year increase in cloud attacks

As the move to the cloud continues to grow across industry and market, so the cyber criminals are increasingly targeting these cloud storage and processing areas. The greatest number of attacks are said to result from the use of weak passwords, phishing attacks, or breaches of third-party services. The report stresses the importance of creating a unique password for every application used or website visited, reinforcing best practice of never using the same password across multiple accounts.

Drive-by download sites

The paper highlights a figure from Bing, reporting 0.17 drive-by download pages per 1,000 web pages within its index for March 2017. These drive-by download sites can host multiple exploits, targeting vulnerabilities in web browsers and browser add-ons, with the result that these users can experience malware installations purely by visiting a website – without actually downloading a file. Download pages are hosted on legitimate websites, with users covertly redirected to exploited pages, and malware downloaded secretly onto the user’s device.

Ransomware attacks increasing

Microsoft reports a marked rise in incidents of ransomware attacks, as examples the recent WannaCry and Petya attacks, which affected thousands worldwide. In particular, there has been a significant increase in attacks targeting eastern Europe, and notably the Czech Republic, Hungary, Romania and Croatia.

Implementing updates and patches

A major message from the report reinforces the importance of regularly updating and implementing patches for operating systems and applications. Microsoft also highlights the necessity of ensuring that security policies are enforced – whether regulating access to sensitive data or restricting network access to approved users. A further recommendation is to ban use of public Wi-Fi services for corporate purposes.

Phishing site impressions

Microsoft collates information about phishing sites and phishing impressions produced by users who have enabled the Phishing Filter or SmartScreen Filter in Internet Explorer, and who subsequently receive a warning about accessing a known phishing site. The report notes a reduction in number of phishing sites in the online service industry during Q1 2017, but stresses that 40 percent of all phishing sites operational are still within this sector, with 37 percent financially focused (an increase of six percent).

Microsoft reinforces the need for organisations as a whole as well as individual users within the organisation to be continually alert to the potential of cyberattack, and observe practices and procedures to minimise the spread of malware.

A copy of the Microsoft Security Intelligence Report, volume 22, can be downloaded from the Microsoft website.

Related Articles

Vuzion Cloud Awards 2022 - shortlist announced

Thank you to all Partners who submitted entries for the UK Vuzion Awards 2022. We are now delighted to announce the shortlist!

Power Platform might just be the solution you need

Power Platform is incredibly well-suited to tackle these difficult problems, due to its ability to digitise systems and processes wi...

Microsoft announce extension to 72hr cancellation window for NCE Per Seat

After months of passionate partner feedback, Microsoft announced yesterday evening that they are updating the change and cancellatio...

Microsoft Announce Changes to their Cloud Partner Program

Well, it has been quite a year for Microsoft announcements (I am thinking Microsoft 365 price rise and NCE per Seat of course) and l...