Microsoft Corp. has announced new products, employee plans, and guidance to tackle the global fight against increasingly large-scale and complex cyberattacks. These include additional support on multifactor authentication (MFA) and security protection for customers, along with Microsoft’s own transition of having employees adopt a Zero Trust approach.
The cybersecurity landscape has fundamentally changed due to large-scale, complex attacks in recent times. Hackers launch an average of 50 million password attacks every day—579 per second, and phishing attacks have increased.
Firmware attacks are on the rise, and ransomware has become incredibly problematic. Microsoft had intercepted and thwarted a record-breaking 30 billion email threats last year and is currently actively tracking 40 plus active nation-state actors and over 140 threat groups representing 20 countries.
According to Microsoft Defender Antivirus’ telemetry, malware encounter rates in Asia Pacific have increased – 23% in Australia; 80% in China; 15% in India; 16% in Japan; 19% in New Zealand; and 43% in Singapore over the past 18 months, spanning pre-pandemic to now.
As a subset of malware, ransomware encounters have also increased 453% in Australia; 463% in China; 100% in India; 541% in Japan; 825% in New Zealand; and 296% in Singapore over the same period.
According to Microsoft’s Work Trend Index, 53% of people surveyed in Asia plan to move because they can now work remotely – this is slightly higher than the global figure of 46%, pointing to the urgency for security to address this new way of working.
Mary Jo Schrade, Assistant General Counsel, Regional Lead, Microsoft Digital Crimes Unit Asia, shared, “Most of our region has transitioned to remote working over the past year. As we continue the need to work from home either full time or part time, we need to adopt more tools and build our defenses against potential cyberattacks.
In Asia, adopting multi-factor authentication together with a Zero Trust approach are the foundations to safer work from home or hybrid work scenarios.”
Small-and-medium businesses (SMBs) are particularly vulnerable to cybersecurity threats – in Asia Pacific, SMBs make up more than 98% of enterprise and employ 50% of the workforce, comprising an integral part of the region’s social and economic well-being. However, a large percentage of SMBs do not know how to protect their companies, lack dedicated IT staff and have inadequate computer and network security.
Joe Sweeney, Advisor, Intelligent Business Research Services (IBRS), added, “Highly automated social attacks (phishing) are on the rise. They are coming through email, instant messaging, social media and texts. It is critical for organizations to take on a Zero Trust approach to address this, by segmenting all aspects of the end user environment and treat each as untrusted.
This requires a very different thinking from the traditional ‘network as the border’ and ‘protect the device’ approach. It requires a data-centric and authentication-centric approach. While there are other security considerations, getting identity, authentication and information management sorted is essential.”
Securing remote working with new products
In line with individual and business security needs that come with remote working, Microsoft has launched new innovations to further protect customers.
These new verification features include Azure AD Conditional Access to give admins more granular access controls, conditional launch settings with App Protection Policies in Microsoft Endpoint Manager, and an Azure AD shared device mode across multiple users.
Additional features and enhancements have also been launched on Microsoft 365 Defender, Azure Sentinel and Microsoft Cloud App Security. More on the new products launched globally can be found at https://www.microsoft.com/