Microsoft’s large installed base of enterprise software in the form of Windows 10, Office 365, and Azure give the company a unique perspective on the trends shaping cybersecurity. Microsoft uses the breadth and scope of this information to assess current security threats and identify emerging trends, which it then publishes in what it calls the Microsoft Security Intelligence Report.

Volume 22 of the Microsoft Security Intelligence Report was published in August 2017 and it reveals some disturbing trends that every enterprise, regardless of what operating system or cloud services they deploy, should take very seriously. Covering just the first quarter of 2017, Volume 22 of the report shows that attacks targeting cloud services specifically are growing quickly.

So while Microsoft may be touting the benefits of intelligent cloud services to customers, criminal elements are increasingly viewing those cloud services as potential security vulnerabilities.

SEE: How to build a successful career in cybersecurity (TechRepublic PDF)

Microsoft Security Intelligence Report

As more and more enterprise systems have moved to the cloud, more and more malicious attacks on cloud services have followed. According the Microsoft report, there was a “300 percent increase in Microsoft cloud-based user accounts attacked year-over-year.” The attacks on cloud services can be traced to all countries of the world, but in the case of Azure specifically, some 35% originated in China, with another 32% coming from the United States.

Ransomware, while garnering many headlines in 2017, actually affects enterprises from various parts of the world much differently. For example, ransomware is a major headache for many European countries, while the activity is almost trivial for the United States, China, and Japan. However, that does not mean those counties are not vulnerable–criminal activity changes just as fast as technology changes.

The report also shows that the security vulnerability most often exploited by criminals is stolen or compromised account sign-in credentials. Whether the passwords are stolen, guessed because they are too simple, or acquired through social engineering, people and passwords remain the weak link when it comes to enterprise security.


Take steps

Even though cloud services benefit enterprises in many ways, they are still information technology systems and as such are vulnerable to criminal security breaches just like on-premise systems. The cloud does not remove the human problem. Enterprises must continue to employ and enforce solid security protocols, such as:

  • Reducing the risk of credential compromise by educating users.
  • Enforcing security policies that control access to sensitive data.
  • Avoiding access to corporate systems using Wi-Fi hotspots and other unsecure networks.
  • Updating operating systems and other enterprise software on a regular basis.

SEE: Cloud computing security: This is where you’ll be spending the money (ZDNet)

Bottom line

Volume 22 of the Microsoft Security Intelligence Report reveals some disturbing trends regarding cybersecurity in the enterprise and the criminal elements that are trying to gain malicious access. No matter where sensitive data is located, on premises or in the cloud, individuals and organizations with criminal intent will try to access it. The prominence of cloud services like Azure does not change the main vulnerability in this equation–people.

As long as people, with all their human foibles, quirks, and weaknesses, are part of the security equation, enterprises will have to contend with data breaches, cloud or not. And as you can see from the report, attacks in the cloud are rising dramatically. Enterprises have their work cut out for them–let’s hope they are up to the task.

Also read…

Your thoughts

Is the password protocol in your enterprise strong enough? Is it enforced? Has IT relaxed because of the cloud? Share your thoughts and opinions with your peers at TechRepublic in the discussion thread below.