SecurityBrief Asia

Microsoft makes security offerings available to nation states and law enforcement

By Rob Lefferts
Tue 25 Sep 2018

Cybersecurity is the central challenge of the digital age.

Without it, the most basic human rights like privacy cannot exist.

Every day, organisations take precious time and resources away from their core business mission to defend against and recover from cyberattacks.

They operate dozens of complex disconnected tools, yet the gaps between those tools remain and threats get through.

Their security teams struggle to keep up and skilled expertise is scarce.

Microsoft is empowering IT to unlock the security capabilities of the intelligent cloud to tip the scales in the cyber war.

Microsoft focuses on three areas: running security operations that work for customers, building enterprise-class technology, and driving partnerships for a heterogeneous world.

First, it’s clear today’s cyberwar is an intelligence game.

At Microsoft, more than 3500 full-time security professionals work with leading AI tools to analyse more than 6.5 trillion global signals each day.

This is the most recent chapter in a journey down the experience curve that we have been on for more than a decade.

Beginning with securing the operating system platform, our Microsoft Threat Intelligence Center (MSTIC) learned to build multi-dimensional telemetry to support security use cases and to spot that rogue exploit in a distant crash dump bucket.

As the attacks morphed, so did Microsoft’s defensive approaches in our threat intelligence and response teams through PCs to the Internet era, from servers in the data center to workloads in the cloud.

Today, Microsoft operates its security infrastructure at a global scale to protect its customers: securing data centers, running a Cyber Defense Operations Center, hacking its own defences (red-teaming), and hunting down attackers.

Specialists in the Microsoft Cybersecurity Solutions Group work with Microsoft customers to strengthen their resilience and help them recover from incidents.

Microsoft’s Digital Crimes Unit works to disrupt and deter perpetrators.

Microsoft blocks more than 5 billion distinct malware threats per month.

One recent example shows the power of the cloud.

Microsoft’s cloud-based machine learning models detected a stealthy and highly targeted attack called Ursnif, aimed at small businesses across the United States with only 200 discrete targets, and neutralised the threat in seconds.

Second, with Microsoft’s enterprise-class technology, it is using the cloud to secure organisations broadly.

The cloud enables it to take all its signal, intelligence, and operational experience and use it to help its customers be more secure, with enterprise-class security technology.

In identity, for example, Microsoft takes the insights from processing hundreds of billions of authentications a month and delivers risk-based conditional access for customers using Azure AD to secure access to thousands of SaaS and line of business applications.

For security operations professionals, Microsoft surfaces its threat intelligence and has created a community where its researchers, and others from the industry, can share advanced queries to hunt attackers and new threats so that it can collectively advance insight and protection.

At its Ignite conference in Orlando, Microsoft made these additional announcements:

  • Nearly all data loss starts with compromised passwords. Microsoft is delivering new support for password-less login via the Microsoft Authenticator app for the hundreds of thousands of Azure AD connected apps that businesses use every day.  
  • Microsoft Secure Score is an enterprise-grade dynamic report card for cybersecurity. By using it, organisations get assessments and recommendations that typically reduce their chance of a breach by 30-fold, with steps like securing admin accounts and end-user accounts with MFA and turning off client-side email forwarding rules. Many of these best practices mirror those of consumers, where the most impactful steps toward improving overall security include upgrading to Windows 10, turning on MFA for all available accounts (including MSA), and enabling ransomware protection in OneDrive. The average score we see across the Ignite audience today is in the 80s; for an active user it is over 120.
  • Building on our experience running security operations, we are announcing Microsoft Threat Protection. It brings together threat protection solutions across email, PCs, documents, identities and infrastructure into a single integrated experience in Microsoft 365, saving thousands of hours for over-stretched security teams.
  • In addition to these intelligent security products available to Microsoft 365 customers today, Microsoft is looking ahead and opening new business scenarios with previews of Azure confidential computing to protect data in use.

Third, Microsoft is driving a broad set of technology, industry and policy partnerships for a heterogeneous world.

It tackles emerging new ecosystem challenges like security for MCU-powered devices and IoT with innovations such as Azure Sphere, now available for preview.

Microsoft works with fellow security vendors to integrate the variety of security tools that its mutual customers use through its Microsoft Intelligent Security Association.

Specifically, the Microsoft Graph Security API, generally available starting today, helps partners (such as Palo Alto Networks) work with Microsoft to deliver better threat detection and faster incident response.

It connects a broad ecosystem of security solutions via a standard interface to help integrate security alerts, unlock contextual information, and simplify security automation.

Microsoft is working with tech companies, policymakers, and institutions critical to the democratic process on strategies to protect the United States’ midterm elections.

The company’s Defending Democracy program is working to protect political campaigns from hacking, increase the security of the electoral process, defend against disinformation, and bring greater transparency to political advertising online.

Part of this program is the AccountGuard initiative which provides cybersecurity protection at no extra cost to all candidates and campaign offices at the federal, state and local level, as well as think tanks and political organisations.

Microsoft has seen strong AccountGuard interest and in the first month onboarded more than 30 organisations.

It's focused on onboarding large national party operations first and has successfully done so for committees representing both major US parties as well as high-profile campaigns and think-tanks, and we are working to onboard additional groups each week.

Microsoft is developing plans to extend its Defending Democracy program to democracies around the world.

Since participating in the establishment of the Cybersecurity Tech Accord, an agreement to defend all customers everywhere from malicious attacks by cybercriminal enterprises and nation-states, it has seen that group nearly double in size with 27 new organisations joining from around the globe including Panasonic, Salesforce, Swisscom and Rockwell Automation to name a few, bringing total signatories to 61.

The Digital Crimes Unit has worked with global law enforcement agencies to bring criminals to justice: to date, taking down 18 criminal botnets and rescuing nearly 500 million devices from secret botnet control.

In partnership with security teams across the company, the DCU has also combatted nation-state hackers, using innovative legal approaches 12 times in two years to shut down 84 fake websites, often used in phishing attacks and set up by a group known as Strontium that is widely associated with the Russian government.

By Microsoft security corporate vice president Rob Lefferts
