One of the most important concepts in computer security is the “attack surface”: how much digital space a criminal has available to carry out a cyber attack. This is a big problem for large companies like Microsoft: because of the number of services they cover (Windows, Office and Outlook), this area is huge.
If we consider that the Redmond company also owns one of the largest clouds in the world (Azure, the main competitor of Amazon Web Services), this attack surface becomes critical not only for the end user but also for the services offered by Azure (which are many and, often, the user is unaware of them).
Perhaps for these reasons Microsoft has become over time not only a software company, but also a computer security company: “Although it started many years earlier, the pandemic has accelerated the process of digitization and migration to the cloud to unimaginable levels,” Marcelo Felman, Microsoft’s director of information security for Latin America, explains in conversation with Clarín.
Azure is one of the main business units of the company (and one of the major sources of income): “IT security is part of Azure, it is one of the services and guarantees that we offer as part of our cloud service. Cybersecurity is a prerequisite of cloud computing. There is no one without the other,” he adds.
Based on this experience in handling large volumes of users and information, the expert analyzed the current situation of information security and recommended a series of seven steps to avoid being scammed.
The seven tips for users
One of the biggest problems involves connections to public Wi-Fi networks. These pose a risk as it is not possible to be sure that the connection between the device and the modem is secure.
“These networks that are so convenient and that we can find available almost everywhere are where data theft occurs most frequently,” Felman explains.
Based on his experience, this is what should be taken into consideration when connecting to the Internet:
- Always verify the name of the connection.
- Connect to an encrypted network: encryption converts data into a format that prevents third parties from seeing the data packets you send and receive.
- Do not shop online while connected to a public network: this is essential since our credit card data is involved.
- Deactivate Auto Connect to Wi-Fi: this prevents you from inadvertently connecting to an unsafe network.
- Switch Wi-Fi off when we’re done: this not only prevents attacks but also saves battery.
- Avoid making financial transactions: this is one of the most obvious points, but for transfers or financial apps it is better to use the mobile data network.
- Always look for HTTPS on the sites we visit: it indicates a certificate on the web page, shown as a small padlock to the left of the URL.
“Paradoxically it is possible that even if we take all these precautions we will have problems. Therefore, it is essential to have a robust internet security solution installed in all our devices,” he adds.
The four tips for companies
Now, when it comes to businesses, the advice gets a little more technical. Besides “zero trust” (see next section), Felman summarizes them like this:
- Strengthen credentials: use multi-factor authentication (MFA) everywhere, along with secure password guidance, and continue on the road to a passwordless environment (for example, with FIDO security keys). The additional use of biometrics ensures strong authentication for user identities.
- Reduce the attack surface: disable the use of older and less secure protocols, restrict access to entry points, adopt cloud authentication, and exercise greater control over administrative access to resources.
- Automate threat response: apply MFA [multi-factor authentication] or block risky access, and occasionally implement a secure password change. Deploy and automate the response and don’t wait for a human agent to respond to the threat.
- Empower employees with self-service: implement self-service password reset, provide self-service access to groups and applications, and provide users with secure repositories for downloading applications and files.
“Zero Trust” to mitigate the attack surface
There are two reasons why attackers are more likely to compromise accounts, and not just those of users but those of large companies as well. 2022 was the year that marked the global growth of cyber attacks: according to a survey by Check Point Research, there was an increase of 38% globally and, in Latin America, they grew by 29%.
On the other hand, there is the problem that the more online services we use, even if it is true that we simplify certain aspects of daily life, the more risks we run.
For this reason, both Microsoft and other companies suggest adopting a “zero trust” strategy.
“The damage prevention and mitigation work we do at Microsoft is the same one we recommend to our customers and the community at large: apply a strategy of Zero Trust. It is a holistic approach to cyber security which consists of a set of hygiene measures that any organisation, whether public or private, needs to take to stay protected and mitigate potential damage,” Felman explains.
“This model has as its main premise the motto ‘I never trust, I always verify’ and is based on three pillars: check explicitly, use as little privilege as possible and assume that we have already been compromised. This way we assume that every login attempt comes from an insecure place until verified otherwise,” he continues.
Thus, this method, which is usually applied to companies, is also useful for ordinary users: always be wary of any request for personal information, even when it appears to be from an official app.
“The good news is that, by applying a Zero Trust strategy, which is not at all difficult, combined with other basic hygiene and safety measures, we have managed to protect ourselves from 98% of cyber attacks,” concludes Felman.
Cybercrime on the rise
According to data from Fortinet, a company dedicated to computer security, cases of identity fraud through messaging applications are on the rise in the Latin American and Caribbean region.
Those affected range from ordinary users to business leaders, government officials and famous people, and include political cases that sparked scandals.
All this takes place in a context of global cybercrime growth: during the first half of 2022 (January to June), the region received at least 137 billion cyber-attack attempts, an increase of 50% compared to the same period of the previous year (91 billion), all according to FortiGuard Labs.
Ransomware, a type of malware that hijacks information and holds it for a ransom payment, has been declining globally but is on the rise in Latin America, according to the latest Digital Defense report produced by Microsoft.
“We have seen a decrease in the number of reported ransomware cases in Europe and North America compared to 2021, while in Latin America, by contrast, cases reported during the same period increased.”
Last year’s cases, such as Osde in Argentina, the Senate of the Nation, the judiciary of Córdoba or even the Garrahan hospital, attest to this situation. “This means that we have a very important job ahead of us in Latin America. At Microsoft, we have been carrying out important awareness work in this regard for some time, placing particular emphasis on all organizations, regardless of their size, giving priority to IT security, so that cybersecurity becomes a board-level problem,” Felman analyzes.
According to the Microsoft report, the number of password attacks has increased by 74% over the past year. Over the same period, there has been a 230% increase in password spray attacks, a type of brute force attack where an attacker tries the same password on multiple accounts before switching to other passwords and repeating the process.
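The password spray pattern described above leaves a recognisable shape in authentication logs: one source failing against many accounts, with only one or two tries on each. The following detector is an added example, not taken from the Microsoft report or from Felman; the event layout, thresholds and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def sample_events():
    """Constructed events: (datetime, source IP, account, outcome)."""
    base = datetime(2023, 1, 10, 9, 0, 0)
    events = []
    # Source A: one failure against each of 12 accounts in 6 minutes (spray shape).
    for i in range(12):
        events.append((base + timedelta(seconds=30 * i), "198.51.100.7", f"user{i:02d}", "FAIL"))
    # Source B: one user mistyping their own password five times (not a spray).
    for i in range(5):
        events.append((base + timedelta(seconds=20 * i), "203.0.113.20", "alice", "FAIL"))
    events.append((base + timedelta(seconds=120), "203.0.113.20", "alice", "OK"))
    return events

def detect_password_spray(events, window=timedelta(minutes=10),
                          min_accounts=10, max_fails_per_account=2):
    """Return {source_ip: sorted accounts} for sources whose failed logins
    inside one time window hit many distinct accounts with few tries on each.
    Thresholds are illustrative assumptions; tune them to your own baseline."""
    fails_by_src = defaultdict(list)
    for ts, src, account, outcome in events:
        if outcome == "FAIL":
            fails_by_src[src].append((ts, account))
    flagged = {}
    for src, fails in fails_by_src.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            # Advance the window start until the span fits inside `window`.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            per_account = defaultdict(int)
            for _, account in fails[start:end + 1]:
                per_account[account] += 1
            many_accounts = len(per_account) >= min_accounts
            few_tries_each = max(per_account.values()) <= max_fails_per_account
            # Keep the widest set of targeted accounts seen for this source.
            if many_accounts and few_tries_each and len(per_account) > len(flagged.get(src, [])):
                flagged[src] = sorted(per_account)
    return flagged

if __name__ == "__main__":
    for src, accounts in detect_password_spray(sample_events()).items():
        print(f"possible password spray from {src}: {len(accounts)} accounts targeted")
```

A per-account lockout counter alone would miss source A, because no single account sees more than one failure; grouping by source is what exposes the pattern.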
“The widening of the digital frontier and the rapid adoption of mobile devices with internet access has been very beneficial to humanity, but at the same time it has greatly expanded the scope of cybercrime. We cannot let ourselves be”, concludes Felman.