The Limited Times


Email scams and account theft: seven steps to prevent cyberattacks

2023-01-25T10:20:57.218Z


WiFi connections can put our online life at risk. Tips, figures and expert opinion.


One of the most important concepts in computer security is the “attack surface”: how much digital space a criminal has to carry out a cyber attack.

A big problem facing large companies like Microsoft is that, given the number of services they cover, such as Windows, Office and Outlook, this footprint is huge.

Considering that the Redmond-based company also owns one of the largest clouds in the world (Azure, Amazon Web Services' main competitor), this attack surface becomes critical not only for the end user but also for the services that run on Azure (of which there are many, often without the user knowing it).

Perhaps for these reasons, Microsoft transformed over time not only into a software company, but also into an information security company: “Although this started many years before, the pandemic made the process of digitalization and migration to the cloud accelerate to unimagined levels”, explains Marcelo Felman, director of Microsoft Cybersecurity for Latin America, in dialogue with Clarín.

Azure is one of the company's main business units (and one of its largest sources of income): “Computer security is part of Azure, it is one of the services and guarantees that we offer as part of our cloud service.

Computer security is a prerequisite of cloud computing.

There is no one without the other”, he adds.

Based on this experience in handling large volumes of users and information, the expert analyzed the current cybersecurity situation and recommended a series of seven steps to prevent being scammed.

The seven tips for users

Tips to improve the phone's internet connection (WiFi). Photo: Shutterstock

One of the biggest problems has to do with connections to public Wi-Fi networks.

These carry a risk as you cannot be sure whether the connection between the device and the modem is secure.

“These networks that are so convenient and available almost anywhere are where data theft occurs most often”, Felman explains.

Based on his experience, this is what should be taken into account when connecting to the internet:

  • Always check the connection name.

  • Connect to an encrypted network: these convert the data to an encrypted format to prevent a third party from seeing the data packets sent and received.

  • Do not make purchases online when connected to a public network: this is key since our credit card data is involved.

  • Disable automatic Wi-Fi connection: this prevents you from inadvertently connecting to an insecure network.

  • Turn Wi-Fi off when we're done: this not only prevents attacks, but also saves battery.

  • Avoid making financial transactions: this is one of the most obvious points, but for bank transfers or financial apps, it is better to use the mobile data network.

  • Always look for HTTPS on the sites we visit: these pages have a certificate and show a small padlock to the left of the URL.

“Paradoxically, it is possible that even taking all these precautions we will have problems.

Therefore, it is essential to have a strong internet security solution installed on all our devices”, he adds.

The four tips for companies


Microsoft's attack surface is proportional to the number of services it offers: this can be very risky. Photo: Shutterstock

Now when it comes to businesses, the advice gets a bit more technical.

In addition to "zero trust" (see next section), Felman summarizes them this way:

  • Strengthen credentials: Use multi-factor authentication (MFA) everywhere, as well as strong password guidance, and continue on the path to a passwordless environment (such as FIDO security keys). The additional use of biometrics ensures strong authentication for user identities.

  • Reduce the attack surface: Disable the use of older and less secure protocols, restrict access to entry points, adopt cloud authentication, and exercise greater control over administrative access to resources.

  • Automate response to threats: Apply MFA [multi-factor authentication] or block risky access and occasionally implement secure password change. Implement and automate the response and do not wait for a human agent to respond to the threat.

  • Empower employees with self-service: Implement self-service password reset, provide self-service access to groups and apps, and provide users with secure repositories to download apps and files.

“Zero Trust” to mitigate the attack surface

Large companies receive an enormous number of attacks every minute. Photo: AP

There are two reasons why attackers are more likely to compromise accounts, not only those of users but also those of large companies.

2022 was the year that marked the global growth of cyberattacks: according to an investigation by Check Point Research, there was an increase of 38% globally and, in Latin America, they grew by 29%.

On the other hand, the more online services we use, the more risks we run, even though they simplify certain aspects of daily life.

For this reason, both Microsoft and other companies suggest using the “zero trust” strategy.

“The preventive and damage mitigation work that we do at Microsoft is the same that we recommend to our clients and the community in general: apply a Zero Trust strategy.

It is a holistic approach to cybersecurity that consists of a series of hygiene measures that any organization, whether public or private, must adopt in order to remain protected and mitigate possible damage”, explains Felman.

“This model has as its main premise the motto 'I never trust, I always verify' and is based on three pillars: verify explicitly, use the least privilege possible and assume that we have already been compromised.

In this way, we assume that every access attempt comes from an insecure place until the contrary is verified”, he continues.

Thus, this method, which is usually applied to companies, also works for ordinary users: always be wary of any request for personal information, even when it seems to come from an official app.

“The good news is that, by applying a Zero Trust strategy, which is not difficult at all, added to other basic hygiene and security measures, we managed to cover ourselves against 98% of cyberattacks”, concludes Felman.

Cybercrime on the rise

REvil, one of the largest ransomware gangs in the world: its members were arrested in 2021, but the group is still active. Photo: AP

According to data from Fortinet, a company dedicated to computer security, cases of identity theft through messaging applications have been increasing in the Latin American and Caribbean region.

Those affected range from ordinary users to business leaders, government officials and famous people, and include political cases that have sparked scandals.

All this occurs in a context of growing global cybercrime: during the first half of 2022, from January to June, the region received at least 137 billion cyberattack attempts, an increase of 50% compared to the same period of the previous year (91 billion), all according to FortiGuard Labs.

Ransomware, a type of malware that holds information hostage to demand a ransom payment, fell globally and grew in Latin America, according to the latest Digital Defense report produced by Microsoft.

“We detected that there was a decrease in the number of ransomware cases reported in Europe and North America compared to 2021, while in Latin America, on the contrary, the cases reported during the same period increased.”

Cases from last year such as Osde in Argentina, the Senate of the Nation, the Judiciary of Córdoba or even the Garrahan Hospital attest to this situation.

“This means that we have a very important job ahead of us in Latin America.

At Microsoft, we have been carrying out important work to raise awareness in this regard for a long time, placing special emphasis on all organizations, regardless of their size, prioritizing computer security, so that cybersecurity becomes a topic at the board level”, analyzes Felman.

According to the Microsoft report, the number of password attacks increased by 74% in the last year.

In the same period, there was a 230% increase in password spray attacks, a type of brute force attack in which an attacker tries the same password on multiple accounts before moving on to others and repeating the process.
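
The password spray pattern described above (one source, many accounts, few attempts per account) is visible in authentication logs. The following is an added example for defenders and is not part of the original article; the log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format): timestamp, result, account, source.
SAMPLE_LOG = """\
2023-01-25T10:00:01 FAIL user=alice src=203.0.113.7
2023-01-25T10:00:03 FAIL user=bob src=203.0.113.7
2023-01-25T10:00:05 FAIL user=carol src=203.0.113.7
2023-01-25T10:00:08 FAIL user=dave src=203.0.113.7
2023-01-25T10:00:11 OK user=erin src=203.0.113.7
2023-01-25T10:01:00 FAIL user=frank src=198.51.100.4
2023-01-25T10:01:02 FAIL user=frank src=198.51.100.4
2023-01-25T10:01:04 FAIL user=frank src=198.51.100.4
2023-01-25T10:01:06 FAIL user=frank src=198.51.100.4
2023-01-25T10:01:30 OK user=grace src=192.0.2.10
"""

def parse(line):
    ts, result, user, src = line.split()
    return (datetime.fromisoformat(ts), result,
            user.split("=", 1)[1], src.split("=", 1)[1])

def detect_spray(log_text, window=timedelta(minutes=5),
                 min_accounts=4, max_per_account=2):
    """Return {source: sorted accounts} for sources matching the spray pattern."""
    failures = defaultdict(list)          # source -> [(time, account)]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, src = parse(line)
        if result == "FAIL":
            failures[src].append((ts, user))
    alerts = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink from the left so the slice spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            per_account = defaultdict(int)
            for _, user in events[start:end + 1]:
                per_account[user] += 1
            # Spray: many distinct accounts, few failures on each one.
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account):
                alerts[src] = sorted(per_account)
                break
    return alerts
```

The source that fails repeatedly against a single account (`frank`) is not flagged here: that is a classic brute-force pattern, which per-account lockout already covers, while the spray pattern stays under lockout thresholds and needs the per-source view.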

“The widening digital frontier and the rapid adoption of mobile devices with internet access have been very beneficial for humanity, but at the same time they have greatly increased the field of action of cybercrime.

We cannot let ourselves be ”, closes Felman.


Source: clarin
