Microsoft Industry Blogs – United Kingdom

As we all become increasingly connected and our customers’ personal data is stored in the cloud or on other systems, the way this information is stored becomes more and more important.

Not only does having secure and compliant systems mean it’s easy to ensure the data stays safe, but it also keeps you in line with GDPR.

Perhaps most importantly, a cyber breach is a huge reputational risk and ruins the customer experience – not only has their data been stolen, but they’re affected by any downtime that occurs.

It’s important to make sure organisations and their employees are aware of the latest threats and how best to protect against them. Here are three cyber threats you should be aware of:

1. Botnets

A bot is a program that allows an attacker to take control of an infected computer. A botnet is a network of these computers that communicate with a server.

Cyber criminals harness these botnets for a variety of online attacks, such as sending spam, launching denial-of-service attacks on websites, spreading malware, and much more.

In 2017 Microsoft’s Digital Crimes Unit tackled Gamarue, a leading botnet that has infected more than 23 million IP addresses.

Microsoft analysed over 44,000 malware samples that revealed Gamarue’s sprawling infrastructure, which has included threats such as Petya ransomware, DDoS attack bots, info-stealing malware, and spam bots. Since the Gamarue disruption, there has been a 30% decrease in victims worldwide.

Infected devices per month graph

In order to protect your organisation against botnets, look for a solution that harnesses advanced machine learning. Windows Defender ATP uses the power of the cloud, machine learning and behaviour analytics to detect, protect and respond.

2. Easy mark attack methods

As we incorporate stronger security measures on our systems, hackers are finding it harder to get into these systems.

As such, hackers are now focussing more on the ‘low hanging fruit’ such as social engineering or poorly secured cloud apps.

Humans are often the weakest link in cyber security. All it takes is one person in your organisation clicking a malicious link or opening a phishing email and your data could be compromised. Phishing was the top threat vector for Office 365-based threats during the second half of 2017.

From November 2017 – January 2018 there were approximately 180,000,000–200,000,000 phishing emails detected by Microsoft. These often impersonate popular brands such as Microsoft, Amazon, FedEx, banks and government services.

The best defence against phishing is employee education and training. An employee who spots and reports a suspicious email could head off an extensive phishing campaign before it does damage.

Cloud app adoption is rising to support business productivity, but a lack of security infrastructure could be compromising data. Our research says that 79% of SaaS storage apps and 86% of SaaS collaboration apps do not encrypt data both at rest and in transit.

SaaS graphs

For visibility and control over all cloud app usage across the enterprise, use a cloud access security broker (CASB) solution such as Microsoft Cloud App Security, and ensure you keep system software updated.

3. Ransomware

Ransomware graphics

The most famous ransomware attack of 2017 was WannaCrypt, which hit the NHS and other systems around the world, bringing down critical services. It affected over 230,000 computers – one of the largest attacks ever.

As the name suggests, ransomware infects and encrypts files (or entire disks) to prevent access until a ransom is paid – with no guarantee victims will regain access.

Ransomware was one of the types of malware distributed by botnets such as Gamarue and is also spread via some ‘low hanging fruit’ channels such as phishing emails.

Ensure you have destruction-resistant backups of critical systems and data so you can recover them in case of an attack. Most importantly, ensure these backups are updated and working.

Protect yourself against ransomware by applying multi-layered security defences:

  • Use an email security system that scans email attachments and quarantines or blocks suspicious ones.
  • Apply advanced threat protection that uses machine learning and AI technology to help detect ransomware.
  • Ensure your systems are updated with the latest patches to keep protecting against new threats – WannaCrypt only infected unpatched computers. From June to November 2017, Windows 7 devices were 3.4 times more likely to encounter ransomware compared to Windows 10 devices.[1]

It’s important to keep up with the ever-evolving landscape and help stay GDPR compliant. Every year the Microsoft Security Intelligence Report analyses security threats and offers advice on how to mitigate the top attack types.

Read the full report here.

Get a deep dive into the report in the webcast.


[1] https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Ransom:Win32/WannaCrypt