Microsoft has published its latest Security Intelligence Report (SIR), which it does twice every year. The report covers all security issues it has encountered for the past six months and also divulges how it has responded to the issues. In its latest report, Microsoft has revealed the details, analyzing the threat landscape of exploits, vulnerabilities and malware using data from internet services and over 600 million computers worldwide.
For the first time, the software giant has included some details about the threats hitting its Azure cloud service and how it keeps the endpoints protected, by detecting malware attacks to accelerate responses to help protect customers.
According to SIR, Microsoft’s Machine Learning Systems Processes more than 10 terabytes of data, including information from over 13 billion logins obtained from hundreds of millions of Microsoft Account users and Azure Active Directory Accounts.
Azure Active Directory (AD) provides single sign-in to thousands of cloud(SaaS) apps such as Office 365, Workday, Box, Google Apps and more. It also provides access to on-premises web apps. Azure AD features multi factor authentication, access control based on device health, user location, identity and risk, in addition to holistic security reports, audits and alerts.
SIR reveals that Microsoft processes more than 13 billion requests from hundreds of millions of users per day. This massive scale enables Microsoft to gather an enormous amount of intelligence on malicious behavior, which helps prevent the compromise of Microsoft Accounts and block the use of leaked or stolen credentials. These efforts help protect consumers who use Microsoft Accounts as well as organizations and enterprise customers.
So, how does Microsoft Azure deal with password attacks?
The day passwords were invented in the field of computing technology, attacks have used password based attacks in their attempt to compromise user accounts.
In recent years, hackers’ efforts have been directed at networks, websites, devices and cloud services. Over time, attackers have developed extremely sophisticated means of compromising accounts; phishing, brute force, social engineering, and other types of attacks to obtain user passwords.
When breaches occur on websites and databases across the industry, the credentials that are harvested from such attacks are used in future attacks. They are sometimes compiled into massive lists of leaked and stolen passwords (some of these lists have been found with more than a billion passwords) that are sold, traded, and shared on the Internet- The recent Russian hacker stealing email credentials of over 1.2 billion email accounts is the latest example. Because password reuse across accounts is common, even a single leaked password can provide an attacker with access to every one of a user’s accounts.
To prevent and mitigate such attacks, Microsoft uses a multi-layered system of protection mechanisms. The keystone of these protection systems is machine learning. Every day, Microsoft machine learning systems process more than 10 terabytes of data, including information on more than 13 billion requests from hundreds of millions of Microsoft Account users. These systems are powerful tools that enable Microsoft protection systems to aggregate and analyze huge big data sets to take timely action.
Microsoft also uses tools such as incorrect password lockout and location-based blocking. Multiple algorithms analyze a wide range of data produced by Microsoft systems, working in real-time to stop attacks before they are successful, and retroactively to swiftly remediate compromised accounts and revoke any access that an attacker might have obtained.
As per the data available in SIR, it is confirmed that Microsoft’s accounts protection system automatically detects and prevents more than 10 million attacks, from tens of thousands of locations, including millions of attacks where the attacker has valid credentials.
In the year 2015, it is estimated that Microsoft detected and prevented over 4 billion attacks on its Azure cloud platform.
Azure’s security engineers as soon as the discovery something fish, keep a tab of those accounts and enter them into account recovery process that allows only the rightful owner to regain sole access. Microsoft Account users can also check the recent sign-in activity for their Microsoft account and report suspicious activity.
For accounts linked to organizations, the report of potentially fraudulent login attempts and compromised accounts is passed on to organizations via access and usage reports provide by Microsoft Azure Active Directory Premium.
One of the factors that the machine learning system uses to block login attempts is whether the location of the login attempt is a familiar location to the legitimate user. Compromised login attempts that were blocked during the second half of 2015 were attempted from unfamiliar locations almost three quarters of the time. This is where the location feature on your latest Windows 10 OS laptop offers a lot of reliable assistance.
Thus, Microsoft Azure and is team of engineers are trying their best in keeping bad guys at bay.
To help them, consumers and organizations can do a number of things to help mitigate the threat of account compromise as a result of password based attacks.
Remember, the security of your account is particularly important if your username is an email address, because other services may rely on your email address to verify your identity.
Hence, under these circumstances, if an attacker takes over your account, they may be able to take over your other accounts too (like banking and online shopping) by resetting your passwords by email.
So, follow these tips while creating a strong and unique password
- Please do not use the password which is same or similar to the one you use for your banking or email accounts.
- Also use a combination of alpha-numeric password which includes special characters for creating the password.
- Do not use a single word or a commonly used phrase
- Do not use password which are easy to guess like data of birth, tennis players, clothing brands or shoe brands
- Opt for a two-step verification as it boosts account security
- Organizations should take full advantage of Azure Active Directory Identity Protection to keep their accounts safe from any kind of fraudulent activity. Azure is a reliable platform and so StoneFly encourages its users to store their data on this cloud storage platform.
Since, Microsoft has a dedicated team to keep hackers at bay; companies like StoneFly are offering StoneFly Cloud Drive services on Microsoft Azure for users who want to have virtual drive services to expand their on-premises storage or to avail advanced disaster recovery services for their business critical data.