Microsoft apps, services among major targets of cybercrime —report

February 16, 2023 - 12:39 PM
1899
A Microsoft logo is pictured on a store in the Manhattan borough of New York City, New York, U.S., January 25, 2021. (Reuters/Carlo Allegri/File Photo)

Microsoft services were among the major victims of cyber-attacks in 2022, according to an annual report on cyber outbreaks.

Fortinet, one of the leading cybersecurity firms, released its report titled “FortiGuard Outbreak Alerts – 2022” last month. It listed the significant outbreaks of hits and attacks that happened in the past year.

The report stated that Fortinet’s FortiGuard services blocked a massive number of attacks, ranging between three million and six million hits.

These “hits” came from cybersecurity vulnerabilities, malware, and “zero-day” attacks.

According to Investopedia, a cybersecurity incident becomes a zero-day attack when a hacker manages to exploit or insert “potentially serious software security weakness that the vendor or developer may be unaware of.”

Microsoft as prime target

In its report, Fortinet only focused on several major or significant cyber-attacks that it recorded last year.

Microsoft and its products and services were found to be prominent targets.

The full report can be accessed here report.pdf (fortinet.com).

  • Microsoft Exchange or MS Exchange Online was in the top seven list of significant outbreaks in 2022.

Fortinet noted that Microsoft Exchange receives a staggering 10,000 average attacks on a daily basis.

“The vulnerability is due to insufficient sanitization when handling a malicious request. Once the server is exploited, a remote attacker can disclose sensitive data or execute arbitrary code within the context of the application,” it said.

  • Microsoft Windows or MS Windows is in Fortinet’s profiles of most vulnerable applications.

MS Windows, the operating system of most computer devices, is the “top choice” of attackers for more than two years, according to Fortinet.

“This vulnerability is a privilege escalation vulnerability in Microsoft Windows, exploitable using a [maliciously] crafted file,” the cybersecurity firm said.

“It has been publicly disclosed for more than two years and it remains to be the top choice from the attackers since there are hundreds of vulnerable devices and it can leverage their privilege to gain control,” it added.

  • Microsoft Excel and other applications in MS Office are common recipients of malware attacks.

Fortinet detected over 500 million hits in Microsoft Excel exploits last year.

“Given its global presence and [year-round], many endpoints are presumed to be still vulnerable. The malware will exploit a stack buffer overflow vulnerability to run malicious shellcode which in turn will allow the malware to attempt to download the next malicious payload,” it said.

Microsoft’s online applications have experienced outages and technical issues several times in 2022.

Last July, Microsoft Teams, a communication platform, went down globally. The outage affected more than 3,000 users in different countries, including the Philippines.

After several hours, the company updated its customers in the afternoon that day, announcing that the platform was back up.

READ: Microsoft Teams outage sets off celebratory, reflective memes, reactions 

A possible solution

Fortinet previously warned that cryptocurrencies will be the new targets of ransomware hackers in 2023.

In its predictions report, the company stated that it detected malware designed to target cryptocurrency credentials in digital wallets amid the incessant rise of digital currency.

READ: Crypto heists seen to pose more danger in cybersecurity in 2023 —report 

To protect organizations and entities from such threats, Fortinet recommended a solution called the single-vendor secure access service edge (SASE) for comprehensive security coverage.

“Not just secure access service edge (SASE), but “single-vendor SASE” – the delivery of networking and security capabilities from one vendor in a unified solution – has emerged as a critical example of convergence that is helping teams drive operational efficiency, cost reduction by reducing vendors and point products, and reduced complexity,” Fortinet said in a statement on its website.