Microsoft has published its 22nd bi-annual Security Intelligence Report (SIR), detailing the global trends in malicious behavior both on and offline. The report collects data from across Microsoft’s portfolio of services and software, and takes a broad look at emerging threats and mitigating efforts on the part of security researchers.
The Security Intelligence Report can be a valuable tool for those in the industry keeping track of the ever-changing nature of digital security measures. Published on the company’s security site, SIR volume 22 brings to light attacks against Microsoft Cloud infrastructure, Microsoft user accounts, and other targeted attacks over the first half of 2017.
Some of the highlights, according to the researchers who put this together, include the fact that user account attacks, those targeting credentials, have jumped by 300% compared to the same time last year. This signals a continuing trend towards generalized attacks against end-users, spurred on by “weak, guessable passwords and poor password management”. Third party breaches or leaks of credentials were also on the rise, with malicious actors taking advantage and hoovering up large troves of credentials, to be reused later.
Switching gears to desktop and physical machines running Microsoft software, the report says the regions with the highest incidence of malware attacks were Bangladesh, Pakistan, Indonesia, and Egypt for this period, with an average encounter rate of 24%. That means out of all the machines running Microsoft security products and sending telemetry back to the company in those regions, 24% encountered malware. However, an encounter doesn’t necessarily mean an infection. As a comparison, North America saw between 0 and 5% encounter rates.
The report also mentions the widespread ransomware attacks, from the likes of Petya and WannaCrypt (WannaCry), which did some serious damage earlier in the year. Microsoft is quick to highlight however, that up to date systems were rarely affected.
Finally, looking at online-hosted malware, Microsoft found some interesting phenomena taking place. For one thing, China had one of the lowest concentrations of phishing websites on the planet. However, it has one of the highest concentration of websites hosting malware. Meanwhile, Japan, the US and South Korea, had “unusually low” rates of malware-infected domains.
For a much more detailed look at the attacks and the security trends of this year’s first half, as well as more statistics and info on the malware and attacks presented, be sure to check out the source link below.
Source: Microsoft Security Intelligence Report volume 22 (pdf)