Microsoft Gold Partner

Blog of Resilience

Cyber Resilience: Microsoft’s Security Report 2022

Posted on December 8, 2022

Estimated reading time 4 minutes

Microsoft’s Digital Defense Report 2022 is now in its third year and offers an illuminating study of the current threat landscape in light of the growing number of cyber-attacks carried out by nation-state actors and cybercriminals.

It makes for some alarming reading. Advancements in automation and the rise of remote working have revealed that many organisations are vulnerable to things like password assaults, firmware and ransomware attacks. To illustrate, 921 password attacks occur every second, a 74% rise from last year’s figures.

You can read the full report here. But in this article, we will summarise the key findings businesses must take on board to protect themselves, against what

Microsoft have coined as ‘Hybrid war tactics’ deployed by bad actors working on behalf of hostile state actors and even, in some cases, organisational insiders.

Topline stats from Microsoft’s Cyber Security Report 2022

The Microsoft Security team measured trillions of signals across its ecosystem between July 2021 and June 2022. They compiled the following statistics business leaders should be aware of when it comes to the state of worldwide cyber resilience today:

  • Half of Microsoft’s security recovery engagements were the result of ransomware attacks. In addition, 93% of cybersecurity incidents were attributed to insufficient privilege access and lateral movement controls.
  • There are an average of 119 million attacks against remote management systems every month worldwide. In May 2022 alone, over 100 million remote devices were targeted by cyber attackers, a five-fold increase on last year’s numbers.
  • 80% of cybersecurity attacks could have been prevented if the right tools and technologies were in place.

These figures show that cyber attacks on businesses have become more prevalent and complex, requiring organisations to up their game and invest in cybersecurity procedures and tools to safeguard all employees and customers.

Along with building up individual cyber resilience, governments must also work to strengthen IoT and OT (operational technology) security to safeguard vital infrastructure. Cybersecurity initiatives, such as the FCA’s operational resilience mandate, must guarantee the widespread adoption of security controls over the next few years, making globally standardised IT security measures accessible to all.

Alternatively, nations that do not plan for the security threats posed by hybrid warfare risk falling victim to Cyber Darwinism in the coming years. Cyber Darwinism is the notion that countries with proper security measures will attract the greatest number of businesses. Those with poor provisions, in contrast, will take a substantial economic hit as company owners fear their enterprise data will not be protected to the same extent. To learn more about Cyber Darwinism and the future cybersecurity landscape, check out this previous article.

The following section outlines how companies can respond to evolving cyber threats and improve their performance with modernised cybersecurity technologies.

Tips for building cyber resilience based on Microsoft security findings

Cybersecurity is integral to the success of modern businesses. The pandemic forced businesses to re-evaluate security protocols and technologies and make them more robust. But, of course, threat actors have persisted in exploiting weaknesses left open by businesses looking to transition to work-from-anywhere operational models.

To that end, the Digital Defense Report puts forward urgent recommendations to enterprises and managed IT service vendors like Atech translate those into the services we deliver for our customers. These measures are designed to help reduce the attack surface for cybercriminals and provide enterprises with the tools to stay one step ahead of their malicious tactics.

Detect exploitation of Zero-Day Vulnerability

Zero-day vulnerabilities refer to attacks where cybercriminals exploit a software security hole before vendors or security teams realise there’s an issue. Essentially, they have had no time to add a patch and resolve the problem before it affects users. Within the Microsoft report, the authors have identified the origin of many of these attacks. The Microsoft Intelligent Security graph is informed by trillions of signals globally, from a range of sources including Botnet data from Microsoft Digital Crimes Unit. These powerful insights benefit each of our customers.

Zero-day attacks can be avoided by fixing vulnerabilities right away and not waiting for patch management cycles to deploy. Furthermore, auditing all software and devices at regular intervals can help IT teams predict where they need to install patches to prevent these attacks.

Defend OT and IoT tools from firmware attacks

Firmware is software incorporated into the baseline hardware of internet-enabled devices. And as more links in our global supply chain utilise IoT tools, attackers increasingly exploit firmware vulnerabilities and conduct highly destructive strikes on critical infrastructures, such as utility companies.

Microsoft found that 32% of the firmware images examined revealed at least ten crucial vulnerabilities. So urgent action, such as endpoint security monitoring, is needed to ensure that all operational technologies (OT) and IoT firmware stays safe.

Deter internal users from breaching endpoint security

Studies reveal that 82% of cyber breaches are caused by human error. Deterring inside threat actors and educating employees on the dangers their negligence can inflict on IT systems is fundamental to protecting organisations. Atech offers one-to-one user safety training seminars (find out more about these security presentations here) to help spread company awareness.

However, modernising systems and implementing a zero-trust approach and an identity-based model in your IT architecture is even more vital in managing security protocols within hybrid working environments.

Disrupt cyberattacks before they become a broader issue

Company stakeholders need to understand the mounting threats to enterprises and endpoint security before implementing new digital transformation strategies within their business.

Cyber resiliency requires a flexible and comprehensive approach. This means companies need to plan and budget for real-time response capabilities, proactive threat and vulnerability detection and elimination protocols with the help of managed IT security teams like Atech.

Experts in the field of cybersecurity can help your IT teams identify new methods of attacks and fortify your systems before you become a target. Our SOC team continually researches cyber security trends and develop client solutions for these. They are certified in the latest Microsoft tools to help your company improve operational performance and protect users and data at all times.

Atech’s pure-play Microsoft SOC services offer the best defence against evolving cybersecurity risks

In summary, the cyber security report recommends that the most important thing companies can do is focus on the security fundamentals. These include activating multi-factor authentication, installing security patches, being deliberate about who has privileged access to systems and deploying cutting-edge endpoint security solutions from a reputable vendor like Atech.

We have advanced Microsoft security credentials and years of expertise in protecting businesses of all sizes and types from cyber attack risk. If you want to learn more about our second-to-none SOC services, don’t hesitate to contact us now.

How can we help?

 
As Microsoft accredited cloud service providers we’ve got the tools and talent to put the incredible potential of cloud technology at the heart of your operation.

Fill in the form to speak to one of our cloud consultants about your cloud project. Let’s get the conversation started.


 


    First name
    Last name
    Email
    Phone
    Message