CYBERSECURITY | Microsoft defines digital threat landscape in PH
Cybersecurity has become a complex and critical imperative today and the need for improved cybersecurity and resiliency has driven governments and organizations the world over into a complex race to adapt and respond to threats, in order to continue providing critical services for the wellbeing and safety of their citizens. In response, Microsoft recently released its Microsoft Digital Defense Report 2022, which dives into today’s most relevant and pressing cybersecurity issues and examines the evolving global threat landscape.
The annual report was first released by Microsoft in 2020, drawing on the company’s unique vantage point on security. With billions of global customers, Microsoft is able to aggregate security data from over 1.4 billion devices powered by Windows worldwide and 43 trillion signals and threats analyzed daily. These factors, along with a $20 billion investment in cloud security over the next five years, gives Microsoft a high-fidelity picture of the current state of cybersecurity. The report shares unique insights on impending digital threats from over 130 Microsoft experts and contributors, offers real-world guidance, and outlines crucial actions that can help improve cybersecurity and resiliency across ecosystems and industries.
The state of cybercrime
Cybercriminals continue to act as sophisticated profit enterprises. Attackers are finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. Microsoft’s report highlights two of the most rampant cyberattacks, ransomware and phishing, then puts them into the context of nation state threats.
Organizations worldwide have experienced a steady growth in ransomware attacks beginning in 2019. However, law enforcement operations and geopolitical events in the last year had a significant impact on cybercriminal organizations. In the last year alone, the number of estimated password attacks per second increased by 74%. Many of these fueled ransomware attacks, leading to ransom demands that more than doubled.
At the same time, there has been a steady year-over-year increase in phishing emails. The shift to remote work in 2020 and 2021 saw a substantial increase in phishing attacks aiming to capitalize on the changing work environment. Phishing attacks—a common entry point for most cyberattacks—have increased by over 300% worldwide, with over 710 million phishing emails blocked weekly in 2021 alone.
The two cyberattacks are only amplified by nation state threats—cyber threat activities that originate in a specific country with the apparent intent of furthering national interests. In recent years, nation state threats have caused growing tension between countries, which further drives the importance of strengthening cybersecurity postures. Microsoft underscores that nation state groups’ targeting of critical infrastructure increased by 40% in the past year alone, with actors focusing on companies in the IT sector, financial services, transportation systems, and communications infrastructure.
“Cybercrime has grown more intricate over the years. We are seeing attacks that are much faster, more deliberate, and smarter,” said Abbas Kudrati, chief cyber security advisor of Microsoft Asia Pacific. “The trillions of data signals we analyze from our worldwide ecosystem of products and services reveal the ferocity, scope, and scale of digital threats across the globe. Microsoft is taking action to defend our customers and the digital ecosystem against these threats, and throughout the Digital Defense Report we offer our best advice on the steps individuals, organizations, and enterprises can take to defend against these increasing digital threats..”
Good cyber hygiene
Insights from the Microsoft Digital Defense Report 2022 make it clear that to minimize risks and losses, governments and organizations must first have a solid cyber resiliency foundation.
“Given the increase of rampant cyberattacks, we cannot guarantee 100% security against cybercrime. However, we need to start thinking about how we can create a more resilient environment,” said Kudrati. “Organizations need to develop a plan that focuses on minimizing the impact and improving recovery time against attacks. It is crucial for them to find the right technology to keep them protected and resilient.”
Microsoft emphasized the importance of adherence to basic security practices and behaviors—enabling multi-factor authentication, applying security patches, being intentional about privileged s, and deploying modern security solutions from any leading provider. The average enterprise has 3,500 connected devices that are not protected by basic endpoint protections, and attackers take advantage.
It is also critical to detect attacks early. In many cases, the outcome of a cyberattack is determined long before the attack begins. Attackers use vulnerable environments to gain initial access, conduct surveillance and wreak havoc by lateral movement and encryption or exfiltration.
Finally, as this year’s report explores, bridging the security skills gap and increasing the security professional population must be addressed by the private sector and governments alike—and organizations need to make security a part of their culture.
Safer, resilient cyberspace
In recent years, Microsoft has worked closely with the Philippine government to activate a number of policies and frameworks such the Critical Infrastructure Protection Act proposed by the Senate, DICT’s Cloud-First Policy and an AI Governance Framework to ensure the responsible use of artificial intelligence across both public and private sectors.
As the new Philippine administration looks towards refreshing the National Cybersecurity Plan alongside its prioritization of digital acceleration, Microsoft is partnering with national government agencies to build a safer cyberspace for the nation and its citizens. The massive number of signals it receives and analyzes allows Microsoft to assess the threat landscape and provide data-driven insights to support the development of Philippine policies on cybersecurity.
“The Philippines ranked 61st to 194 countries in the ITU Global Cybersecurity Index. If you probe a bit deeper, one of the pillars we need to improve on the most is organizational measures, which refers to the nation’s cybersecurity strategy and its implementation,” said Dale Jose, national technology and security officer of Microsoft Philippines, “It is more crucial than ever to develop a better cyber defense posture in the country as it is fundamental to establishing stronger grounds for digitalization. Now, we put the MDDR into the Philippine context and discuss action points the government must prioritize in order to prepare for, respond to, and recover from cyberattacks and security breaches.”
For this, Microsoft’s policy recommendations for the Philippine government include:
· Assessing the feasibility of adopting zero trust principles
· Protecting the country’s critical through consistent security baselines
· Strengthening incident response and recovery through a reporting obligation
· Building interoperability and cooperation to address the growing threat of cybercrime;
· Advancing information sharing for cybersecurity deference and response
· Leveraging hyperscale cloud technology to improve cybersecurity and operational resiliency
· Fostering enhanced supply chain security
· Enhancing cybersecurity transparency and assurance through certifications and labels
· Strengthening the Internet of Things (IoT) security
· Responding to new and ongoing AI security risks and opportunities
· Advancing 5G infrastructure security
Microsoft is also joining hands with its customers, partners and communities to foster collaboration, share knowledge and further build strength in security for organizations nationwide. Most recently, Microsoft partnered with the Information Security Officers Group (ISOG) to dive into the findings of the Microsoft Digital Defense Report 2022 for the C-level and security experts in their community.
“Microsoft has been a partner to the Philippines for nearly thirty years and we will continue to do so even as technology evolves and changes the world we live in. We are committed to helping organizations work towards a more secure and resilient future,” said Jose.
Microsoft also releases a quarterly cyberthreat intelligence brief called Cyber Signals, which offers an expert perspective into the current threat landscape, discussing trending tactics, techniques and strategies used by the world’s most prolific threat actors. As such, it is a valuable resource to Chief Information Security Officers, Chief information Officers, Chief Privacy Officers and their teams as they evolve technologies, policies and processes.
WATCH: TECHSABADO and ‘TODAY IS TUESDAY’ LIVESTREAM on YOUTUBE