During their talk at the RSA Security Conference last week, Microsoft engineers said that 99.9% of the compromised accounts they detect every month do not use multi-factor authentication (MFA). Microsoft has repeatedly stressed that this protection method can prevent most attacks (mainly automated ones) on accounts.
The company said that about 0.5% of accounts are compromised every month. In January 2020, this figure stood at about 1.2 million accounts.
A compromised account can cause many problems, especially when it is a corporate account. Of these extremely sensitive accounts, only 11% had MFA enabled.
In most cases, account compromises follow other, usually simple, attacks. Most compromises of Microsoft accounts started with password spraying, a technique in which the attacker picks a common, easy password and tries it against various usernames until a combination works and gives access to an account.
A second source of breaches, according to Microsoft, is password replay, a technique in which the attacker takes credentials that have leaked from other hackers or companies and tests them to see whether they give access to Microsoft accounts. After all, reusing the same passwords across different accounts is common, and hackers know that.
"We know that 60% of users reuse passwords. It's very common," said Lee Walker, a Microsoft executive.
Walker said the overwhelming majority of password spraying and password replay attacks on Microsoft accounts target older authentication protocols, such as SMTP, IMAP, POP and others.
Specifically, 99% of all password spraying attacks and 97% of password replay attacks are executed through legacy protocols.
Microsoft says that these protocols do not support multi-factor authentication (MFA), so they are ideal for hackers, who can breach accounts much more easily.
Companies must disable these protocols if they want to stay safe.
According to Microsoft, disabling these protocols has resulted in a 67% reduction in compromised accounts.
However, according to the company, this is not enough. All companies have to enable and require multi-factor authentication (MFA) on user accounts.
Microsoft has been saying since last year that both companies and ordinary users should use MFA, because it can block 99.9% of compromises.
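For defenders, the password spraying pattern described above (one source, many usernames, few attempts each, over legacy protocols) can be looked for in sign-in logs. The following is an added example, not code from Microsoft or from the original article; the log format, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LEGACY_PROTOCOLS = {"SMTP", "IMAP", "POP"}  # legacy protocols named in the article

# Constructed sign-in records (assumed format): timestamp, source IP, user, protocol, result
SAMPLE_LOG = """\
2020-03-02T09:00:01 198.51.100.7 alice IMAP FAIL
2020-03-02T09:00:03 198.51.100.7 bob IMAP FAIL
2020-03-02T09:00:05 198.51.100.7 carol POP FAIL
2020-03-02T09:00:08 198.51.100.7 dave SMTP FAIL
2020-03-02T09:00:11 198.51.100.7 erin IMAP OK
2020-03-02T09:01:00 203.0.113.20 frank IMAP FAIL
2020-03-02T09:01:10 203.0.113.20 frank IMAP FAIL
2020-03-02T09:01:20 203.0.113.20 frank IMAP OK
2020-03-02T09:02:00 192.0.2.44 grace HTTPS FAIL
"""

def parse(log):
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, ip, user, proto, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, proto.upper(), result.upper()

def detect_spray(log, min_users=4, window=timedelta(minutes=10), max_tries_per_user=2):
    """Flag sources failing against many usernames, few tries each, over legacy protocols."""
    by_ip = defaultdict(list)
    for ts, ip, user, proto, result in parse(log):
        if proto in LEGACY_PROTOCOLS:
            by_ip[ip].append((ts, user, result))
    alerts = {}
    for ip, events in by_ip.items():
        events.sort()
        start = events[0][0]  # fixed window from the source's first legacy attempt
        recent = [e for e in events if e[0] - start <= window]
        fails = defaultdict(int)
        for _, user, result in recent:
            if result == "FAIL":
                fails[user] += 1
        if len(fails) >= min_users and max(fails.values()) <= max_tries_per_user:
            # A success from a spraying source marks an account to reset and review.
            hits = sorted({u for _, u, r in recent if r == "OK"})
            alerts[ip] = {"targeted": sorted(fails), "succeeded": hits}
    return alerts

if __name__ == "__main__":
    for ip, info in detect_spray(SAMPLE_LOG).items():
        print(ip, info)
```

The single user with repeated failures (a forgotten password) and the failure over a non-legacy protocol are deliberately not flagged; only the many-users, few-tries shape is.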