Microsoft security stats and figures for 2019 have been included in their interactive Microsoft Security Intelligence Report, ahead of the release of the next annual report in 2020. The figures give businesses useful insights into the most common security threats of the last year, allowing them to review and adapt their security strategy accordingly.
Microsoft analyses more than 6.5 trillion security signals every day, which gives them the most comprehensive view and understanding of security trends possible. The annual Security Intelligence Report is a useful resource for businesses that want to gain awareness of the current security threats and trends, and adapt their security strategy accordingly.
The report identifies risks in three main areas: identity, cloud threats and endpoint threats, like malware and ransomware encounters. Although the incidences of some types of threat are on the decline, they are still amongst the most frequently occurring threats identified by Microsoft. Here's a quick roundup of the most common security threats of 2019.
Identity threats
Password reuse
One of the biggest identity-based threats is the reuse of the same password for lots of accounts; something lots of us are guilty of. Using the same (or variation of) a password leaves users open to breach replay attacks, where an actor gets the user credentials for one account, then tries these credentials on other accounts. When the user has used the same password on multiple accounts, the hacker will be successful.
Multi-factor authentication (MFA) can massively improve security and reduce the risk of security breaches, even if the same password is used repeatedly. Microsoft research shows that 99.9% of security attacks have been prevented by MFA which would otherwise have been successful.
Cloud threats
Cloud incoming attacks
Cloud providers are prime targets for attackers trying to access and compromise the security of virtual machines and servers. In 2019, 19.95% of attacks in the United States were attacks on Azure, which the Azure Security Centre picked up.
Phishing emails
Phishing emails pose a huge security risk to employees and organisations, particularly in this new age of phishing when attackers use domain spoofing so that their emails look like they have been sent from a legitimate person, company or email address which makes it very easy and tempting for the recipient to open the email. Phishing emails were up by 0.03% month on month during 2019, and up 0.26% on the same month last year comparison.
Drive-by downloads
A drive-by download (Dbd) happens when a user unintentionally downloads malicious to their computer whilst using a website. This code can then infiltrate the network and any vulnerabilities in the user's operating system or web browser. Users can also be infected with malware from visiting websites, without knowing or downloading anything. These websites don't have to be spammy or disreputable; legitimate websites can be hacked by web forms with poor security. In 2019, the country most impacted by drive-by downloads was Oman, with 391.35 DbDs per 1,000 URLs indexed by Bing. The worldwide average was 0.08.
Endpoint threats
Malware encounters
Malware encounter rates for 2019 were down slightly from the year before, with a worldwide average malware encounter rate of 3.31%. This could be attributed to the impending end of life for Windows 7, and the fact that people are starting to use Windows 10 which has more robust security. Ethiopia was the country most impacted by malware, with an average encounter rate of 23.45%.
High rates of malware are usually down to poor security and device hygiene and poor user education around security risks. Using unlicensed software, like illegal streaming sites is a popular route for malware to enter your network. And although malware rates are on the decline, attackers find new ways of infiltrating systems, rather than admitting defeat
Ransomware encounters
Ransomware, when an attacker compromises network security and threatens to delete an organisation’s valuable or confidential data, is less common than malware, but it still happens. The worldwide average encounter rate was 0.03% for 2019. Afghanistan was the country most impacted by ransomware, with an average encounter rate of 0.87%. Because most companies have their files backed up and so don’t have to pay the ransoms anymore, ransomware attaches are on the decline, but there are spikes in attacks, and they are often down to poor security hygiene.
Create a robust security strategy for Microsoft 365 with Core's Security Workshop
With new security threats emerging constantly, now is the perfect time to review your IT security and identify how it can be improved. Core's Security Workshop is a deep-dive into your security strategy, tailored to your unique business needs and with industry compliance in mind. During the workshop, we will help you assess your security landscape, address your most pressing security goals and challenges, and provide an immersive experience that brings to life Microsoft’s security vision and capabilities.
Book yours now.