5 Essential Insights from the Microsoft Digital Defense Report 2023

This year's report identified significant developments, some of which may sound familiar - such as the pressing need for more cyber defenders - and others that are newer.
The report is based on insights synthesized from 65 trillion daily signals by more than 10,000 security and threat intelligence experts across 135 million managed devices and over 15,000 security partners.
This data is also used to inform our security recommendations and mitigation strategies for customers year-round.
As we analyze this threat intelligence and look for more effective ways to counter adversaries at the speed of attack, artificial intelligence will be critical in tipping the scales back in favor of cyber defenders - enabling them to detect and respond to threats in near real time, upskilling them with alert prioritization and guidance, and bridging critical infrastructure gaps.
For AI to be effective, security teams must have all the insights and resources necessary to realize the full promise of this technology.
Human-Operated Ransomware Attacks Are Increasing Human-operated ransomware attacks have increased by more than 200% since September 2022, and we expect this trend to continue as ransomware operators leverage automation, AI, and hyperscale cloud systems to scale and maximize the effectiveness of their attacks.
Of the 123 ransomware-as-a-service affiliates that Microsoft tracks, 60% of their attacks used remote encryption and 70% were directed against organizations with fewer than 500 employees.
Security posture management will be critical - both for compliance and the health of devices, services, and assets - and automatic cloud backup and file-syncing should be implemented for user and business-critical data.
Password-Based Attacks Increased Dramatically Password attacks increased tenfold between April 2022 and April 2023, according to Microsoft Entra data.
This rise is likely due to porous security, as many organizations have not enabled multifactor authentication for their users.
This critical security gap leaves them vulnerable to phishing, credential stuffing, and brute-force attacks.
Business Email Compromise Is at an All-Time High Similarly, BEC attacks are at an all-time high, with an average of 156,000 BEC attempts made every day from April 2022 to April 2023.
Increased intelligence sharing between the public and private sectors is one way to enable faster, more impactful BEC response.
As part of this effort, the Microsoft Digital Crimes Unit is actively tracking and monitoring 14 commercial sites that sell distributed denial-of-service offerings, including one situated in the Dark Web.
Nation-State Threats Are Expanding in Scope and Scale Nation-state groups have increased the global scope of their cyber operations, targeting critical infrastructure, education, and policymaking organizations for geopolitical and espionage-focused reasons.
Although AI-generated profile pictures are a long-standing nation-state tactic, we believe groups will begin using more sophisticated AI tools to create multimedia content moving forward.
AI, LLMs Are Crucial Enablers of Cybersecurity AI will be critical for enhancing and augmenting the work of cyber defenders by automating repetitive tasks and identifying hidden patterns and behaviors.
Large language models also have a role to play, contributing to threat intelligence, incident response and recovery, monitoring and detection, testing and validation, education, and security governance, risk, and compliance.
Microsoft's AI Red Team of interdisciplinary experts is helping build this future of safer AI. Our AI Red Team emulates the tactics, techniques, and procedures of real-world adversaries to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of AI systems.
As businesses navigate these complex risks and changing threats, the insights from the report outline a path forward for upleveling the whole of cyber defense.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 20 Dec 2023 14:00:09 +0000


Cyber News related to 5 Essential Insights from the Microsoft Digital Defense Report 2023

Teaching Digital Ethics: Navigating the Digital Age - In today's digital age, where technology permeates every aspect of our lives, the need for ethical behavior in the digital realm has become increasingly crucial. This article explores the significance of digital ethics education in our society and ...
11 months ago Securityzap.com
Digital Citizenship Lessons for Students - This article aims to emphasize the significance of digital citizenship lessons for students, focusing on three key aspects: the definition and scope of digital citizenship, online etiquette, and safe online behavior. By equipping students with ...
11 months ago Securityzap.com
Building a Culture of Digital Responsibility in Schools - In today's technologically-driven world, schools have a critical role in cultivating a culture of digital responsibility among students. Promoting digital responsibility involves educating students about the potential risks and consequences ...
11 months ago Securityzap.com
Strengthening Cybersecurity: The Role of Digital Certificates and PKI in Authentication - Data protection remains integral in our wide digital world. This has been possible because of the increasing awareness amidst enterprises, small and large, across industries on the paramount need for the protection of sensitive data, securing digital ...
11 months ago Feeds.dzone.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Understanding Device and Infrastructure Attack Risks: Exploring the Microsoft Digital Defense 2022 Report - Organizations need to be prepared to anticipate, preempt, and respond to device and infrastructure threats to stay ahead of cybercriminals. Microsoft’s Digital Defense Report 2022 provides a critical overview of the key threats, vulnerabilities, ...
1 year ago Csoonline.com
What a Digital ID Means to How Australians Interact With Businesses Online - Australia is about to get a national online ID system - the Digital ID - which promises to improve the security and privacy of data online. In just a few months, Australians will have access to a new form of ID, which aims to make identification ...
1 year ago Techrepublic.com
Does Your App Accept Digital Wallets? - Digital wallets are electronic systems that securely store payment information digitally. Digital wallets are designed for convenience and often include security features to protect your financial data. How Digital Wallets Function Digital wallets ...
1 year ago Feeds.dzone.com
Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report - To illuminate the evolving digital threat landscape and help the cyber community understand today's most pressing threats, we released our annual Microsoft Digital Defense Report. This year's report focuses on five key topics: cybercrime, ...
1 year ago Csoonline.com
Teaching Digital Literacy and Online Safety - It is crucial for educators to prioritize teaching online safety to ensure that students are equipped with the necessary skills to protect themselves online. This article aims to explore the importance of teaching digital literacy and online safety, ...
1 year ago Securityzap.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Third Of European Businesses Have Adopted AI, AWS - AWS finds AI already adopted at sizeable number of European businesses, resulting in increased revenues, productivity. An insight into the adoption rate of artificial intelligence within the business community has been offered in a new report from ...
10 months ago Silicon.co.uk
Ransomware Attacks Strike South Africa, Decline in UAE - Cybercrime - and especially ransomware - traditionally have had an uneven impact across the Middle East and Africa, yet recent data suggests that ongoing geopolitical conflicts will likely raise the overall level of cyberattacks across the regions. ...
1 year ago Darkreading.com
A Deep Dive Into How Digital Pound Can Menace Financial Stability - The UK's expedition into releasing a digital pound has triggered a strong debate among policymakers and finance experts. The House of Commons Treasury Committee has shown concerns, cautioning that bringing a central bank digital currency in the UK ...
1 year ago Cysecurity.news
Microsoft SFI progress report elicits cautious optimism | TechTarget - "After a year, it looks like Microsoft has made some smart and substantive initial progress in elevating security across the whole organization: investment in security-focused head count, inclusion of security into performance reports across the ...
2 months ago Techtarget.com
5 Essential Insights from the Microsoft Digital Defense Report 2023 - This year's report identified significant developments, some of which may sound familiar - such as the pressing need for more cyber defenders - and others that are newer. The report is based on insights synthesized from 65 trillion daily signals by ...
1 year ago Darkreading.com
Digital ID adoption: Implementation and security concerns - As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. The role of digital identity in efficiency ...
6 months ago Helpnetsecurity.com
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
11 months ago Microsoft.com
Online safety laws: What's in store for children's digital playgrounds? - As children's safety and privacy online becomes a matter of increasing urgency, lawmakers around the world push ahead on new regulations in the digital realm. Tomorrow is Safer Internet Day, an annual awareness campaign that started in Europe in 2004 ...
1 year ago Welivesecurity.com
Understanding the Microsoft Digital Defense Report on the State of Cybercrime in 2022 - In the highly digitized world that we live in today, cybercrime is an ever-growing challenge. The Microsoft Digital Defense Report explores the state of cybercrime in 2022 and provides insights on the trends, outlook, challenges and opportunities ...
1 year ago Csoonline.com
Microsoft: Hackers target defense firms with new FalseFont malware - Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. The DIB sector targeted in these attacks comprises over 100,000 defense companies and ...
1 year ago Bleepingcomputer.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
What's new in the MSRC Report Abuse Portal and API - The Microsoft Security Response Center has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several key updates to the Report ...
5 months ago Msrc.microsoft.com
Navigating Microsoft's Innovations For 2023: Get Up to Date With The Latest Developments - In the world of digital technology, staying up-to-date with the latest advancements and innovations is becoming increasingly important. As one of the leading technology companies in the world, Microsoft is constantly introducing new innovations in ...
1 year ago Hackread.com
​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
9 months ago Techcommunity.microsoft.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)