Security Stop Press : Microsoft Reports 600 Million Daily Identity Attacks

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

October 21, 2024

Microsoft has revealed it tracks over 600 million identity attacks per day, as cybercriminals refine their tactics and work together more closely.

In its ‘Digital Defense Report 2024’, Microsoft highlighted that identity-based attacks have surged due to the widespread shift to cloud services. The report noted that Microsoft Entra blocked 7,000 password attacks per second over the last year.

Despite the adoption of multi-factor authentication (MFA) by 41 per cent of its enterprise customers, attackers are using advanced techniques such as adversary-in-the-middle (AiTM) attacks to bypass MFA security measures. A significant 99 per cent of identity attacks still rely on stolen or phished passwords, underscoring the vulnerability of password-based systems.

The report also showed a stark increase in attempted ransomware attacks, with a 2.75-fold rise driven by groups like Akira, Lockbit, and Play. However, despite the spike in attempts, successful ransomware encryptions have dropped threefold, suggesting some defensive measures are proving effective. Also, the evolving threat landscape has seen a rise in hybrid warfare tactics, including cyber-attacks on operational technology (OT) and government entities in the context of global conflicts.

Businesses looking to mitigate the risk of identity-based attacks should consider a transition to passwordless authentication methods. This, coupled with enhanced AI-driven security tools, could help close the gaps exploited by increasingly sophisticated cyber threats.

You May Also Like…

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.