Microsoft’s biannual Security Intelligence Report, a study of the computer security landscape around the world, was released during the first week of May this year. The report includes a myriad of data on which types of malware affect people and which countries are increasingly being attacked, among other security information.
The Security Intelligence Report included data from Microsoft’s cloud operations. Azure Active Directory handles all login information for Office 365 customers: more than half a billion users across 8 million corporations, with about a billion logins a day.
Microsoft uses this database for its machine learning systems, building replicas of user behavior while also searching for any irregularities in its systems. This is also consistent with its innovative Windows Defender Advanced Threat Protection, and the report is in line with it.
Of the more than one billion logins daily, a majority are fake or malicious. These attempts often do not have the correct login or password; however, login credentials are frequently stolen, especially when users reuse the same credentials across their devices and accounts. Microsoft’s processes are able to detect these fraudulent logins through IP addresses or time zones, stopping these hackers from accessing an account or device.
Suspected compromised accounts go through two-step verification, through which Microsoft reports more than 10 million attacks are stopped daily. A majority of these attempts have the correct password but do not pass the second step of the verification. IP addresses that are found to repeatedly attempt fraudulent logins are blocked from Microsoft accounts. About half of all blocked IP addresses are from Asia, while 20% come from South America.
The Microsoft database displayed noticeable differences between systems managed by an IT department and those that aren’t. IT-managed systems usually encounter less malware compared to those that aren’t: 11% and 22% respectively.
Malware, according to Microsoft’s report, can be classified as all types of viruses, worms, adware, Trojans, and unwanted browser extensions. Systems not managed by IT departments had more cases for all but one type of malware. Ransomware was more commonly found on IT-managed computers, especially as ransomware attacks have been hitting hospitals and other government institutions lately. The likelihood of an enterprise paying a heftier sum compared to a normal individual makes enterprises more attractive as targets for ransomware attacks.
Experts pointed out some aberrations in the published data, as the second most common malware found was CplLnk, an exploit that targets Windows users. CplLnk allows the hacker to execute a program when an infected USB device is attached to a computer. It became known as one of the many zero-day flaws used by Stuxnet, which many experts think was created by intelligence agencies from Israel and the US to attack an Iranian nuclear plant.
This flaw was addressed by Microsoft in 2010, and Windows 8 and 10 have never been vulnerable to it. This means that systems should not be affected by this flaw; however, it still exists online – leading experts to believe hackers still find it useful to this day.
A majority of the devices studied in Microsoft’s report have anti-malware protection from Microsoft itself or a third-party program, while only about 25% of computers lack protection or only have irregular protection. Of the systems that had malware removed, systems that had anti-malware were half as common as those without protection or with inconsistent protection.
Like any study, this one leaves room for error. There have been cases of malware being able to deactivate security software, but it is still advisable to have the latest security programs to aid in reducing computer system infections. Some experts stress that common sense plays a big role in protecting oneself from malware, but having the latest security software does not hurt you or your files.