Microsoft has released the security report that took the photo of the cyber attack area. In the published report, it was mentioned that some ransomware attacks last less than 45 minutes and e-mail phishing has started to increase.
In 2018, Microsoft retired the Microsoft Security Intelligence Report, which has provided a glimpse of major events and trends in cybersecurity for years. The company made this mistake back today and rebranded it as Microsoft Digital Defense Report.
The company published an 88-page report that includes July 2019 – June 2020 data. In its report, the company has drawn a picture of the common threats companies have to face.
Microsoft’s cyberattacks report
Microsoft announced that cybercriminal groups have used the COVID-19 outbreak this year to lure users, but they are only part of the overall malware ecosystem. According to the news in Zdnet, the epidemic played a minimal role in this year’s malware attacks.
Email phishing for businesses continues to grow, becoming a dominant vector. The company announced that it blocked more than 13 billion malicious and suspicious emails in 2019. More than 1 billion of these emails had URLs created for password hunting purposes.
The company said hackers are also starting to adopt password reuse and password spray attacks against IMAP and SMTP email protocols. The reason these attacks have become popular is that IMAP and SMTP do not support the multi-factor authentication feature, so attackers can bypass it.
The tech giant has announced that the most devastating cybercrime threat in the past year is ransomware gangs. Microsoft’s biggest headaches were the groups known as “big game hunters” and “human-operated ransomware”. These groups specifically targeted networks belonging to large corporations or government organizations.
Microsoft said this year ransomware gangs are very active and have drastically reduced the time they need to launch an attack. The company said some of these attacks took less than 45 minutes.
Supply chain security
Another attack Microsoft noted in its report was supply chain attacks. In this type of attack, after attacking a target, the attacker uses the target’s own infrastructure to attack all its customers individually or simultaneously.
Although the company has stated that there is an increase in these attacks, supply chain attacks have a very small share in the total. Of course, whatever happens, this does not constitute an excuse for not taking the necessary measures.
In the published report, it was stated that the nation-state hacking groups had a very busy year. The company stated that it sent more than 13,000 nation-state notifications to its users between July 2019 and June 2020. Microsoft also announced that the vast majority of these attacks were Russian-backed hacking groups, and the majority of targets were in the United States.
One of the interesting information in the report was the targets of these attacks. According to the report, the main targets of these nation-state groups were towards non-state organizations. Another interesting point is that these attacks target organizations outside of critical infrastructure sectors.