What's in The 2020 Digital Defense Report?
Microsoft’s Digital Defense Report for 2020 has just been published, providing a snapshot of the state of cybersecurity. The folks in Redmond say they analyze 8 trillion security signals per day, generated by their global customer base. This allows them to identify the current threats, and predict what attackers will do next. Here’s what you need to know...
Key Takeaways From the 2020 Digital Defense Report
Microsoft employs thousands of security experts in 77 countries, whose job it is to interpret data and security signals from Microsoft products, the cloud, and something called “the intelligent edge,” which is not defined in the report. Each month, aided by machine learning and artificial intelligence software, they analyze 18 million URLs, 470 billion emails, 600 billion documents, and over 630 billion “authentication events.”
All of that number crunching enables Microsoft to block in excess of 5 billion threats monthly. And that’s just within the Microsoft ecosystem. Oh, and don’t worry about all that poking around in your web browsing, emails and documents. Microsoft says “These signals are collected with customer privacy in mind. The data we collect depends on the context of your interactions with Microsoft and the choices you make, including your privacy settings and the products and features you use.” So, yeah.
This line from the introduction of the report caught my eye: “Bad actors are skilled and relentless.” At first I wondered why Microsoft was picking on Charlie Sheen and Paris Hilton, but then I realized they were referring to cybercriminals. My bad. The goal of the Digital Defense Report is to help users understand that cybersecurity is an ever-escalating arms race. The bad guys are smart, and when one attack vector is shut down, they look for another. Based on their unique global vantage point, Microsoft hopes to share the best ways to combat those attacks.
Cybercriminals Are Going Phishing
One of the most pressing concerns mentioned in the report was phishing attacks that aim to steal login credentials. Here’s how that works: Malicious emails, crafted to imitate popular brands, are sent to unsuspecting individuals. If a link within the email is clicked, the user is taken to a fake web form to enter their username and password. The victim’s credentials are then harvested and either sold or used to gain access to legitimate websites or corporate networks.
Currently, the most commonly spoofed brands are Amazon, Apple, Microsoft, UPS and Zoom. Microsoft recommends using multi-factor authentication (MFA) to reduce the risk associated with phishing attacks, since a harvested password on its own is then no longer enough to log in. See my article [DIGITAL LOCKDOWN] Authenticator Apps Protect Your Accounts for help getting started with authenticator apps.
During the COVID-19 pandemic, there have been many instances of attackers using phishing to impersonate organizations such as the World Health Organization (WHO), the Centers for Disease Control (CDC), and the U.S. Department of Health. Your best defense: don’t click. Go directly to the organization’s website for information, by typing the address you already know or using a bookmark.
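The advice above boils down to one question: where does this link really go? As an added example (not from the Digital Defense Report or the article), here is a small Python script that asks that question of links pulled from an email. It accepts a link only when its registrable domain belongs to the brand it claims, and flags a brand name buried in the hostname of some other domain (the classic login.microsoft.com.something-else trick), a raw IP address in place of a hostname, and link text that shows one domain while the underlying target is another. The brand-to-domain allowlist, the look-alike substitutions, the tiny public-suffix stand-in and the sample links are all constructed for the illustration.

```python
"""Check where an email's links really point (added example, not the report's code)."""
import ipaddress
from urllib.parse import urlparse

# Assumed allowlist: legitimate registrable domains for the brands the report
# names as most spoofed. Constructed for this example; in practice you would
# maintain it from the organisations' own published domains.
BRAND_DOMAINS = {
    "amazon": {"amazon.com", "amazon.co.uk"},
    "apple": {"apple.com", "icloud.com"},
    "microsoft": {"microsoft.com", "live.com", "office.com"},
    "ups": {"ups.com"},
    "zoom": {"zoom.us"},
}

# Tiny stand-in for the public suffix list, so "example.co.uk" is one domain.
TWO_LEVEL_SUFFIXES = {"co.uk", "com.au"}

# Look-alike substitutions seen in phishing hostnames: micr0s0ft, rnicrosoft, app-le.
_DIGIT_MAP = str.maketrans("013", "ole")


def fold(text: str) -> str:
    """Collapse common look-alike tricks so 'rnicr0s0ft-login' reads as 'microsoftlogin'."""
    return text.lower().translate(_DIGIT_MAP).replace("rn", "m").replace("-", "")


def registrable_domain(host: str) -> str:
    """Return the part of the hostname a registrar actually hands out."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LEVEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def analyse_link(visible_text: str, href: str) -> dict:
    """Classify one link as 'ok', 'block' or 'unknown', with the reasons found."""
    parsed = urlparse(href)
    host = (parsed.hostname or "").lower()
    findings = []
    if parsed.scheme not in ("http", "https") or not host:
        return {"href": href, "domain": "", "verdict": "block",
                "findings": ["not an http(s) link with a hostname"]}

    if is_ip(host):
        domain = host
        findings.append("raw IP address instead of a hostname")
    else:
        domain = registrable_domain(host)

    # Which brand, if any, legitimately owns this domain?
    owner = next((b for b, d in BRAND_DOMAINS.items() if domain in d), None)
    if owner is None:
        folded = fold(host)
        for brand in BRAND_DOMAINS:          # substring match is crude, so expect
            if brand in folded:              # some false positives ('groups' has 'ups')
                findings.append(f"'{brand}' in hostname but domain is {domain}")

    # Link text that displays a URL on a different domain than the real target.
    if "://" in visible_text:
        shown = (urlparse(visible_text).hostname or "").lower()
        if shown and registrable_domain(shown) != domain:
            findings.append(f"text shows {shown} but target is {host}")

    if findings:
        verdict = "block"
    elif owner:
        verdict = "ok"
    else:
        verdict = "unknown"    # not a known brand: type the address yourself instead
    return {"href": href, "domain": domain, "verdict": verdict, "findings": findings}


def scan(links):
    """Run analyse_link over (visible_text, href) pairs."""
    return [analyse_link(text, href) for text, href in links]


# Constructed sample links; .example and 198.51.100.0/24 are reserved for documentation.
SAMPLE_LINKS = [
    ("Review your order", "https://www.amazon.com/gp/css/order-history"),
    ("Sign in to Microsoft", "https://login.microsoft.com.account-verify.example/login"),
    ("https://www.apple.com/account", "https://apple-id-support.example/verify"),
    ("Track your package", "https://ups-delivery-notice.example/track"),
    ("Join the meeting", "https://zoom.us/signin"),
    ("Verify your account", "http://198.51.100.7/micr0soft/login"),
    ("Read the newsletter", "https://news.example/issue-12"),
]

if __name__ == "__main__":
    for result in scan(SAMPLE_LINKS):
        print(f"{result['verdict']:8} {result['href']}")
        for reason in result["findings"]:
            print(f"         - {reason}")
```

Two design points worth noting. First, only the registrable domain decides ownership; everything to the left of it is chosen freely by whoever registered the name, which is exactly why "login.microsoft.com.account-verify.example" is not Microsoft. Second, "unknown" is not "safe": the script can only vouch for brands on its allowlist, so an unrecognised domain still gets the article's advice of going to the organization's site directly rather than clicking.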
At Microsoft, they regularly educate employees on phishing awareness and prevention. They even test their employees with phishing simulations, and follow up with users who were susceptible, to help them identify key phishing indicators in the future. This is an excellent idea, and should be more widely adopted by businesses and Internet service providers.
Ransomware and Other Current Threats
Other urgent threats identified in the report were ransomware, attacks on remote workforce infrastructure, and distributed denial of service (DDoS) attacks. Those pertain mostly to attacks on large enterprises and, in the case of ransomware, to highly targeted attacks on specific high-value individuals.
That said, ransomware is still a serious threat to individuals. My articles Ransomware is Getting Worse (here's what to do) and [VIGILANCE] Is it Safe to Click That Link? will provide you with practical help on avoiding ransomware and malicious links.
Regardless of whether you are a CEO or a Chief Cook and Bottle Washer, here are some recommendations from the Digital Defense Report that will help you stay safe while using the Internet.
Adopt Multi-Factor Authentication – This is key. Even if your username and password are stolen, they are not enough on their own when your account also requires an authenticator app. One caveat: a one-time code can still be captured if you type it into a fake login page, so a security key, which only responds to the genuine site it was registered with, is the most phishing-resistant option. MFA is strongly recommended for all users, and is available on most popular websites that require a login.
Go Passwordless – If you use Windows 10, consider using a security key, face authentication, fingerprints, or a PIN code instead of a password. A Windows Hello PIN or biometric unlocks a credential stored on that device and is never sent over the network, and a security key answers only the site it was registered to, so there is no reusable secret for a phishing page to collect. See passwordless authentication solutions.
Use Good Email Hygiene – 90% of attacks start with an email, so preventing phishing is crucial. Don’t click email links unless you are absolutely certain where they lead. Also
Patch Apps and Systems – Software vendors are continually releasing updates and security patches. Cybercriminals use vulnerabilities in popular software to gain entry. Make sure that your Windows operating system and installed software are up to date. See Keep Your Software Up To Date (or else…)
Your thoughts on this topic are welcome. Post your comment or question below…
This article was posted by Bob Rankin on 1 Oct 2020
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "What's in The 2020 Digital Defense Report?"
01 Oct 2020
I like Microsoft's training program idea. I wish they'd provide one for our government representatives and workers. I have serious doubts about the number of people in government who are safety savvy when it comes to computers. Thanks for a great article.
02 Oct 2020
Thank you for all that you do to educate us, BobRankin.
"Go Passwordless – If you use Windows 10, consider using a security key, face authentication, fingerprints, or a PIN code instead of a password."
May I ask how this solution possibly prevents phishing expeditions by the bad actors... or even ransomware?
I am not aware of any current means to hack into Win10 user log-in credentials. These types of threat-damages sound like they occur AFTER a user logs into Win10. Unless, the concern is obtaining Win10 user credentials through social engineering. In this case, wouldn't simply telling the bad actor that you either have TFA, face recognition (or fingerprint) log-in, rectify the potential problems?
02 Oct 2020
Our organization provides mandatory cyber-security training each year. We also do phishing simulations, with follow-up training for anyone who falls prey. It really helps people to be more vigilant. These days, it should be required everywhere.
Also, you don’t need to be an employee who uses a computer to fall victim to social manipulation that could lead to a data breach. Any employee might let someone into the building. Doing so without checking for identification, because his uniform “looked like our pest control guy’s uniform,” for example, puts the business at risk. This person may be safe, but he may also be someone who ends up stealing a laptop or grabbing a stack of papers.