Cyber Security remains at the forefront of global security consciousness. The cyber issue permeates all other security challenges as the digital revolution becomes more absolute. Following from the Commonwealth Cyber Security Dialogue co-hosted by CSG, IFF, and the United Nations in September 2019, CSG spoke to Mike Yeh of Microsoft EMEA.
What are the largest emerging threats to cybersecurity and a secure online space? Are there threats over the horizon that the international community are not paying enough attention?
Poorly secured identities and passwords remain the biggest threat to cybersecurity, especially in the face of AI-based malware. More than 60 percent of all confirmed data breaches involve weak, default or stolen passwords. Looking at the current threat landscape we see an increase in the success of phishing and social engineering attacks. Attackers know that people’s inboxes, mobile alerts, and news updates are flooded with information around COVID-19. They know many are clicking without looking because stress levels are high and they’re taking advantage of that.
Existing malware infrastructure, like ransomware, phishing, and other delivery tools, is changing to include COVID-19 keywords that get us to click. Looking ahead, we expect to see more campaigns that utilise the economic fear from lost income.
In light of Microsoft’s signing of the ‘Christchurch Call’ in the wake of the March 2019 Christchurch terror attacks, what actions are Microsoft taking to prevent terrorist use of its platforms and indeed the online space as a whole?
Since the Christchurch attacks, Microsoft has taken new steps, with others in the industry, to improve and create tools and frameworks to prepare, alert, act and report on violent incidents when they happen. One of the most important things we announced last year was a new Crisis Incident Protocol, which creates the ability for us not just as an industry, but in collaboration with governments, to prepare for these kinds of attacks, to alert each other when they take place, to act quickly to remove violent content and interrupt live streaming, and report to the public with the transparency that the world requires. The shared protocol is operationally ready and will serve as a living framework that will be tested and updated regularly.
The spread of fake news on the internet is a major threat to democracy. What can be done by the private sector to help prevent its spread? What is Microsoft doing to help combat this?
Defending against fake news is critical, not just to protect the integrity of our democratic processes and institutions, but also to ensure people stay safe online.
Safeguarding the integrity of information has long been a priority for Microsoft. As part of our Defending Democracy Programme, we work with NewsGuard to provide helpful information to users of Microsoft Edge on the accuracy of the web sites they have chosen to visit, including warnings to proceed with caution when visiting a site associated with fake news.
More recently Microsoft teamed up with Facebook, Google, LinkedIn, Reddit, Twitter and YouTube to help stem fraud and misinformation surrounding COVID-19. Together with these companies, we are elevating authoritative content about the pandemic across our platforms and sharing critical updates in co-ordination with government healthcare agencies around the world.
At the 2018 Commonwealth Heads of Government meeting the heads of government issued a joint statement – the Commonwealth Cyber Declaration. The declaration pledged to ‘build the foundations of an effective cybersecurity response’ and ‘promote stability in the cyberspace through international cooperation’. How can Microsoft work alongside the Commonwealth governments to help achieve these aims?
Cybersecurity is a shared responsibility that requires collective action. That’s why we combine our operations and technology with a broad set of partnerships that we drive in technology and policy, to help make the world a safer place.
This approach is based on our unique insights into the threat landscape, derived from our experience running security operations for our customers. We use those insights to build enterprise-class security solutions that work in concert with each other and solutions from our partner ecosystem.
We’ve made significant investments across a broad set of technology and policy partnerships, including initiatives like the Cybersecurity Tech Accord and collaboration with law enforcement through our Digital Crimes Unit. Microsoft also invests over US$1 billion annually on cybersecurity research and development. More than 3,500 full-time security professionals at Microsoft work with leading AI tools to analyse more than 8 trillion global signals each day. Specialist teams including the Microsoft Threat Intelligence Centre and our Cyber Defense Operations Centre work together to analyse threats and take action to defend our customers.
What can Microsoft do to help protect smaller companies from cyber-attacks, especially across Africa? How can Microsoft work with smaller cybersecurity companies to improve their capacity?
Responding to, and recovering from, cyberattacks takes time and resources. This is a challenge for many countries in Africa, where economies are often heavily supported by small business. At the same time, we see businesses across the region becoming increasingly connected and experimenting with new technology. In fact, many small and medium-sized companies in countries like Nigeria are embracing a completely mobile-first approach to business. This can increase their exposure to cyber threat if they don’t have the right security measures in place. For big and small companies, as well as governments, the most important thing to do is to ensure they are fully leveraging and deploying the latest security technology – whether it is multi-factor authentication or relying on cloud-based threat analysis.
Because small businesses typically don’t have many extra resources at their disposal, having an in-house security team is often financially out of reach. This, however, is where cloud providers such as Microsoft can make a significant difference as businesses don’t have to worry about the expense and manpower to build out a datacentre, or additional factors such as cameras and security gates for the centre. Yet, at the same time, they have the ability to draw on security products that are constantly updated through the power of the cloud and based on intelligence from across Microsoft’s wide variety of threat researchers and experts.
Given the potential it has to create harm, why should the use of the internet remain free and open?
It’s true when everything is connected, it can also be disrupted. But this level of connectivity creates a unique opportunity for citizens and businesses to innovate, share information and thrive.
And ironically, the internet can also serve as a powerful tool to help business stay ahead of the changing threat landscape. It allows companies to access cloud-based services that can be updated and deployed in real-time to address threats.
Because on-premises and mismatched standalone solutions are no match for cyberthreats, the public and hybrid clouds will be the real keys to providing tools for enhanced safety. A hybrid cloud solution allows for AI understanding and insights about the global threat landscape thanks to the more than 8 trillion signals a day which pass through the cloud. Public cloud solutions also make it possible to have additional safeguards like sign-in location checks or secondary authentication, all without bringing traffic to a halt. Using the cloud to harness the largest and most diverse set of signals we can enable businesses and people to reap the significant benefits of connectivity while also helping them to remain safe.
What single policy or initiative should be our highest priority to implement to increase global cybersecurity?
At the risk of stating the obvious, a clear focus needs to be on enhancing the cybersecurity protections that secure critical infrastructure and government entities generally, which is core to protecting and providing services to citizens. As the world battles the COVID-19 pandemic, we have seen, and others have reported, that nation states and cybercriminals are taking advantage of the crisis by using virus-themed phishing attacks and other techniques to attack critical institutions, including healthcare providers.
Looking longer term, I would also suggest focusing on the increasing attacks on core values, including democracy. Democracies were already facing adversaries intent on using cyberattacks to disrupt our elections and democratic processes. We must assume they will use these techniques to target the legitimacy of elections as well.
That’s why Microsoft recently announced several steps its Defending Democracy programme is taking to help our democratic processes become more resilient considering all these threats. Specifically, we’ve expanded the programme to include a new service, Election Security Advisors, which will give political campaigns and election officials hands-on help securing their systems and recovering from cyberattacks. We’re also extending Microsoft 365 for Campaigns to state-level campaigns and parties. And, finally, we are publishing our public policy recommendations for securing elections, including ways to secure them while confronting the COVID-19 public health crisis.
CSG was speaking to Mike Yeh, Associate Counsel General, Legal and External Affairs, Microsoft EMEA.