Join Pete Zerger for an in-depth discussion in this video, Cyber threats targeting Windows 10, part of Microsoft Cybersecurity Stack: Securing Windows 10 in the Enterprise.
- [Instructor] Not only have cyber attacks evolved over time, but so too have the threat actors, who have evolved from the curious teenagers of 20 years ago into well-funded, well-organized, and highly-skilled hackers of today. Organizations today face a variety of threats, such as phishing, the sending of malicious emails disguised as messages from reputable sources in order to induce individuals to reveal personal information, like passwords and credit card numbers, or to download and install malware.
Ransomware, which is a type of malicious software designed to block access to a computer system until a sum of money is paid. Spyware, software that enables an attacker to obtain covert information about another's computer by transmitting data covertly from their hard drive. Keyloggers, which are computer programs that record every keystroke made by a user in order to gain access to passwords and other confidential information. And worms, standalone malware computer programs that actually replicate themselves in order to spread to other computers.
At the end of the day, it all adds up to compromised accounts and endpoints. And at the end of the day, threat actors, that's another name for a hacker, working from all these angles have the same high-level objective, to compromise your organization's identities, your user accounts, and your endpoints, your workstations and mobile devices, so they can steal your valuable information, like employee and customer data. An industry survey in 2016 revealed that more than 90% of cyber attacks began with phishing or spear phishing attacks.
If you think about it, if that threat actor finds one email address, they have your email format. They can then find your highest value employees, think high value targets on business social sites and reconstruct their email addresses. 91%, that's a pretty scary number. But the scariest aspect of phishing attacks is user behaviors. By the numbers, if 100 users receive a malicious link or attachment, 25 will open that message.
12 will click the link or attachment, and six will do so in the first hour. The bottom line is you don't have time to screen threats and inform users, and no cybersecurity tool is 100% effective. You have to implement a layered defense, what we call defense in depth. That includes a Windows 10 configuration striking the right balance of protection and usability. In the big picture of defense in depth, here's another reality to consider.
Although some prevalent malware can attempt to infect tens of thousands of customers, it's more likely that a new malicious file will often have been seen by very few. In fact, 96% of all malware seen by Microsoft in the first quarter of 2017 was only seen once, blocked at first sight on that computer. This doesn't happen with old-school anti-virus using signature updates. With Windows 10, you have a great head start, as Windows 10 includes advanced anti-virus and anti-malware protections out of box, simplified patching and update options, virtualization-based security mechanisms to contain those threats, and integration with the Microsoft cloud.
However, we have lots to consider in devising how we'll configure Windows 10 features to secure our corporate environment while minimizing configuration effort, think central administration, optimizing the user experience, and implementing that defense in depth. But with the modern cyber threat landscape, Windows 10, in fact, no operating system, can carry the load alone. As we talk about how to configure Windows 10 security for your business, I'll point out the complementary components of the Microsoft Cybersecurity Stack and where you can learn more about them in the Microsoft Cybersecurity series here on LinkedIn Learning.
So perhaps the most powerful component of Microsoft's cybersecurity strategy for business, the real secret sauce, as I like to call it, is the Intelligent Security Graph. All told, Microsoft receives trillions of pieces of data from billions of devices every month through their cloud services, their extensive research, their partnership with industry and law enforcement via their Digital Crimes Unit, their cybersecurity Defense Operations Center, all of this goes into the Intelligent Security Graph where artificial intelligence and machine learning algorithms process billions of data points, signal they call it, identifying emerging threats, sorting the real concerns from the false alarms, and feeding these learnings at scale to all Microsoft cloud services, like Office 365, as well as cloud-connected components on Windows 10, like Windows Defender.
This approach results in unprecedented visibility into the threats facing your organization, including malicious IPs, the emerging threats detected in your environment, sometimes post-breach, and in some cases, even the threat actors behind the attacks. Users are generally the weakest link in the chain. So you should absolutely invest in user education, such as phishing awareness in your company. This makes your users partners in preventing attacks. In this course, we're focused on securing Windows 10 in a business environment, so I won't mention this point again, but please write this down.
It's so important. All of the most security-conscious organizations have an employee education program when it comes to cybersecurity. Bottom line, Windows 10 is Microsoft's most secure operating system to date. A layered defense, defense in depth, is the number one key to success. Leverage both on-machine and off-machine, in this case, cloud, defenses. Know that artificial intelligence and machine learning, in our case, the Microsoft Intelligent Security Graph, play a role.
Knowing the problem and how to approach it is half the battle. Now let's move on and discuss what you can do to secure Windows 10 in your corporate environment.
- Cyber threats targeting Windows 10
- Developing a layered defense
- Policy-based management options
- Encrypting Windows devices
- Managing privacy settings
- Working with Windows Defender
- Managing updates
- Firewall configurations
- Securing remote access and cloud data