Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect themselves.
Based on over 8 trillion daily security signals and observations from the company’s security and threat intelligence experts, the Microsoft Digital Defense Report 2020 draws a distinction between attacks mounted by cybercriminals and those by nation-state attackers.
The cybercrime threat
In the past year, cybercriminals:
Were quick to exploit the fear and uncertainty associated with COVID-19 as a lure in phishing emails, and the popularity of some SaaS offerings and other services
Exploited the lack of basic security hygiene and well-known vulnerabilities to gain access to enterprise systems and networks
Exploited supply chain (in)security by hitting vulnerable third-party services, open source software and IoT devices and using them as a way into the target organization
More often than not, phishing emails impersonate a well-known service such as Office 365 (Microsoft), Zoom, Amazon or Apple, in an attempt to harvest login credentials.
“While credential phishing and BEC continue to be the dominant variations, we also see attacks on a user’s identity and credential being attempted via password reuse and password spray attacks using legacy email protocols such as IMAP and SMTP,” Microsoft noted.
The attackers’ reason for exploiting these legacy authentication protocols is simple: they don’t support multi-factor authentication (MFA). Microsoft advises on enabling MFA and disabling legacy authentication.
Cybercriminals are also:
Increasingly use cloud services and compromised email and web hosting infrastructures to orchestrate phishing campaigns
Rapidly changi ..