- Microsoft responds to Solarigate exploit
- Vasu Jakkal calls for more use of existing identity protection tools.
- Microsoft introduces a Zero-Trust Assessment Tool for companies
Originally published in Newsday for May 13, 2021.
In an announcement on Wednesday, Microsoft introduced the wide availability of new certifications for cybersecurity professionals across a range of capabilities.
The four certifications, Security, Compliance, and Identity Fundamentals, Information Protection Administrator Associate, Security Operations Analyst Associate and Identity and Access Administrator Associate are part of a refreshed initiative by the company to encourage good practices in preventive cybersecurity.
In an exclusive virtual briefing with Newsday on Tuesday, Vasu Jakkal, Microsoft’s Corporate vice-president for Security, Compliance and Identity, noted the sharp increase in computer intrusion attempts since the pandemic began.
“Hackers are attacking 579 times a second, from individual phishing to nation state attacks,” Jakkal said.
“Microsoft protected against 30 billion email threats in 2019 alone.”
“We have the tools, but we are not always making use of them. There are 18 billion password attacks a year and we are not using existing identity protection systems, such as multi-factor authentication.”
“Effective cybersecurity means moving to a Zero-Trust architecture, and that means looking at everything, all the time.”
Jakkal noted the effectiveness of the Solorigate intrusion attempt on the company’s systems.
Microsoft’s Threat Intelligence Center has since renamed that attack Nobelium, and it was part of a concerted cyberattack on the US Federal government, went on for at least eight months, and is believed to have affected 200 organisations around the world.
Solarwinds’ Orion governance software, VMWare, a computer virtualisation product and Microsoft’s cloud services were vectors in the exploit.
Access was gained through stolen authentication and took advantage of single-sign-on security infrastructure.
The exploit was successful and sustained because it took advantage of a wide range of lapses in programming, in supply chain security and in how the systems were configured to be used.
In an official Microsoft blog post in February titled “Turning the page on Solorigate” Jakkal acknowledged the incident and the lapses that led to it as a critical moment in Microsoft’s approach to cybersecurity.
“Baseline layers of protection are not enough for today’s sophisticated threats,” Jakkal wrote.
“Defense strategies must match up to these increasingly sophisticated attacks while factoring in the complexities of securing a remote workforce.”
“One of the most important pieces of guidance for any security posture that we can share right now is to layer up, no matter who your security vendors are.”
Microsoft’s emphasis in this week’s announcements addressed remote and hybrid work.
“How do we move to hybrid work and how do we thrive?” Jakkal asked rhetorically during Tuesday’s meeting.
“Even after things are settled, we are likely to see a 300 per cent increase in the numbers of people who are willing to work from home.”
“It’s going to take between three to five years to fully integrate that change.”
Microsoft wants companies to start thinking about the security architecture needed to support that change, even though, as Jakkal admitted, all customers are not on the same journey.
“The hybrid world is largely perimeterless, so wrapping protections around identity and devices is critical,” Jakkal wrote in a new post released yesterday.
“As part of Zero-Trust, we also think the future is passwordless and we will start to see that transition this year.”
The company announced a new Zero-Trust Assessment tool yesterday and continues to encourage its users to take advantage of existing multi-factor authentication (MFA), which the company frets, only 18 per cent of its users have turned on.
“We’re actively working to make MFA rollout easier and more seamless for our customers, as well as ensuring that the end-user experience is as frictionless and friendly as possible,” Jakkal noted in yesterday’s announcement.