Microsoft Sees Over 10 Million Cyberattacks Per Day On Its Online Infrastructure

An anonymous reader writes: Microsoft's user identity management systems, made up by Microsoft Account (formerly Live ID, for home users) and Azure Active Directory (for its cloud/corporate services), see over 13 billion user logins per day, with 1.3 billion for AAD. The company says that over 10 million (per day) of these login attempts are cyber-attacks, which the company is able to detect. This information comes via Microsoft's most recent Security Intelligence Report, which also reveals details about a new cyber-espionage group named Platinum and that hackers are still using the same vulnerability (CVE-2010-2568) even today, which was used in the Stuxnet attacks. According to Pew Research Center, there's an increasingly growing fear among Americans about cyberattacks. In fact, it's the second most feared entity to them, the first being ISIS.

Simple question

Why don't we just cut off the countries from the Internet that produce most of these attacks? I don't think anyone will miss Russia, China, Indonesia, the Philippines, and a few backwards countries in eastern Europe.

I know I'll get modded to -1 for this, because it's easier to evade the question and mod it down than answer it. But can anyone give me a legitimate answer? I doubt it.

Re:Simple question

Because those nations account for enormous amounts of GDP, China in particular.

Also, most attacks come from the USA.

You know, you might have a point. Perhaps it would be beneficial to just cut the USA off.

Oh, also, Americans are chickenshits. Just like macho cultures turn out to be girly-men, Americans are cowards no matter how many times they sing "home of the brave".

Bunch of paranoid mental cases trembling in fear while clutching their gerns.

No wonder they are paralysed with terror thinking about "haxors", everything scares them. Time for some more therapy, eh guys ?

Re: Simple question

Agreed. Americans wouldn't last a day without Europe. They needed our militaries to save the day in Afghanistan, Iraq, and just about every other fight. We even saved them in World War II. Americans talk a big story, but they're nothing without Europe.

Re: Simple question

Let's kick the Americans out of NATO. We'll be stronger without them.

Re: Simple question

It'll be boring though. Nobody to start glorious wars for someone to step in and gloriously end the violence and gloriously save the day.

Re:Simple question

Stop responding to that asshole. He keeps making trivial comments with the subject "Simple question" and that lame "I know I'll get modded to -1 for this" attempt at reverse psychology. You have been trolled.

Re: Simple question

Americans certainly helped Russians beat Germans. But then as Tolstoy said in War and Peace, "Ever since the world began, everybody's beaten the Germans".

Anyway by doing that they saved the equally nasty British and French. That is not good or brave.
Would have been better to let Nazis and other white European scum fight themselves out of existence. Nobody is going to miss them when they breed themselves out of existence, as will happen soon. London already has a radical Muslim mayor. White boys opposing him were pathetic.

Americans certainly got bent over and spanked in "Afghanistan, Iraq, and just about every other fight" in recent days.

With a military that is proud to be gender neutral, and organizing gay pride parades instead of military marches, and a solid record of pissing in their pants, running away from any real armed enemy (they cannot drone kill from far away), it is understandable Americans want to shut themselves within walls in real world or cyberspace. They wont stand a chance otherwise.

Re:Simple question

[bloodhawk]

Better add the US to the list you are cutting off as they are one of the top 3.

Re: Simple question

You're a fool if you think I believe the comment at the end about moderation will actually influence the moderation. Of course it won't. Instead, it's preemptively accusing people of avoiding the question in order to get more replies.

I've also posted plenty of stuff with that subject that hasn't been trollish. My comments about the Bayh-Dole Act were sincere. I do believe Microsoft is trying to cripple Windows 7 and 8.1 to force people to Windows 10. I really do support banning tobacco. If your apartment was always full of cigarette smoke from your neighbors and it causes you respiratory problems, you'd probably come to hate tobacco, too. I hate tobacco with a passion. I also really do question the relevance of six inductees to some random video game hall of fame. But yes, I've also done some trolling.

Slashdot is pretty broken. Most of the comments are already garbage. Moderation is horribly broken because it doesn't do a good job of separating the gems from the crap. At least mod up the good comments consistently! There's a horrible anti-American bias; people generally mod down nationalistic American comments, but bigoted comments from Europeans are often left alone or even modded up. The lameness filter is being used as a censorship tool.

I'm done with this trolling. I've made my point.

Re: Simple question

Not any more. The muslims have invaded europe. When their takeover is complete the US is next.

Re: Simple question

Believe it or not, some of us work with guys in those countries, buy stuff off them, and so on. Have you ever been more than 5 miles from where you born?

Re:Simple question

[joppeknol]

Here is your legitimate answer:

You cannot cut off Russia, China, Indonesia etc, because everyone would have to agree on that. It won't make sense if the USA does it while Germany doesn't. Criminals will just hire servers in Germany and continue.

Also, as others have pointed out. Russia, China Indonesia are large economic powers on their own. Cutting them off will hurt millions of people.

Thirdly, it will only stop a part of the attacks. Friendly countries, including USA, also have criminals.

What you might probably want is some more restrictions on the anonymity off those who can connect to the internet. One serious issue is that an anonymous person can hire a server and claim to be, for instance, faceb00k.com. Both server and domain registration cannot be traced back to that person (if done well).

However, attacking this problem means putting restrictions on anonymous internet, which is a thing not well liked by some communities.

Re:Simple question

You get modded down for being a dumb fuck and not realising the largest source of attacks is the US.

Re: Simple question

hey mods! mod this +3.14 GRODDIE!

Re: Simple question

[bloodhawk]

I seriously doubt his mother allows him out. Takes a special kind of idiocy that is usually only present in kids to understand so little about the internet and where attacks come from yet think he has a good idea that must be voiced to fix the problem.

Re: Simple question

Slashdot is pretty broken. Most of the comments are already garbage.

agreed, sadly though people like you are the root cause of the garbage. Would have taken you all of 10 seconds to do a search and work out what a dumb fucking idea it is that you posted.

Re:Simple question

[drinkypoo]

Better add the US to the list you are cutting off as they are one of the top 3.

Yep. It's like drugs. People say "why do we trade with those countries" and then it turns out that the USA is one of the world's largest drug producers, drug consumers, and drug traffickers! That is to say, we are one of the countries that imports the most drugs specifically for export. And even the CIA admits it, it's in the world fact book.

Re:Simple question

my SASSHOLE

Note to BeauHD

Cyberattacks are not an entity. They are a threat, but not an entity. An entity might be a state that sponsors those attacks, North Korea, for example.

beeeellionz of haxx0rz on teh intarwebbertubes

Yay for meaningless numbers to paint redmond (owner of your computer) a stout guardian against the seas of evil bogeymen.

But the numbers are still meaningless, and the convenient labels of badness are just as empty.

Re: beeeellionz of haxx0rz on teh intarwebbertubes

I'm sure you'd be praising them if they ran Linux.

Re: beeeellionz of haxx0rz on teh intarwebbertubes

Be sure all you like. It doesn't make you right, though.

meanwhile....

[JustNiz]

>> The company says that over 10 million (per day) of these login attempts are cyber-attacks, which the company is able to detect. ...meanwhile the many successful and/or undetected attempts are conveniently presumed to be zero.

Re:meanwhile....

[beastofburdon]

I caught this immediately too. What I find more interesting is that they apparently have far more logins per day than there are people in the world, by a few billion. Yet they are acting like those are all legitimate logins instead of successful attacks as a tremendous amount of them clearly are.

Re:meanwhile....

[JustNiz]

Yeah. Wierdly I got modded down for just pointing out that fact.
I wonder if the modder is really that clueless or if Microsoft have paid people to mod down anything against them even if its inescapable logic.

Smells

[Wowsers]

Smells more like a PR story to gather sympathy for Microsoft after what they are doing to users by stealing their private information via the Trojan Windows 10.

Re:Smells

Well obviously, if they weren't collecting all that data they wouldn't be so lucrative targets. Collect or store nothing and your not really very attractive as a source of attack. If you just have static webpages then all you can do is block them. The minute you start to log user private data, passwords and content that is available to some customers the minute your worth rises and you become a worthwhile mark.

Re: Smells

I wonder if Microsoft considers whether a machine being force-upgraded to Windows 10 is an attack.

Their customer base surely does.

Re:Smells

[greenfruitsalad]

how can one be sympathetic to their plight when one knows these millions of attacks are carried out by millions of compromised windows machines. they have pretty much created the whip on their backs.

Re:Smells

[oldcarsmell]

Gentlemen, arm your tinfoil hats!

People are terrified by cyberattacks

And they are terrified by terrorism. That explains why governments are deeply, maliciously and actively involved in both: terrifying people.

Fear sells.

[Bob_Who]

Fear helps to keep military spending a high priority. Now that Windows 10 is free, perhaps fear will encourage spending on MS cyber security.

Or better yet, perhaps spending on their secure cloud service, which would not be free, but always up to date, and "idiot proof".

Hmm.... An interesting marketing approach sure to gain traction with a fearful, if not technically incompetent population.

Re:Fear sells.

Good security is hard, takes time and requires constant vigilance.

There is always a break point where such a service as the one you describe could be more valuable to you than the time you spend managing your own systems. It's not just a matter of updating your system once a month. It involves constantly learning the new 'best' security practices for all of your software stack, how each component changes overall system security and trying to stay one step ahead.

Re:Fear sells.

[rtb61]

So how many successful attacks are M$ launching upon their unsuspecting victims via Windows anal probe 10, hmm, just saying (invading the privacy of others, yeah, that's a hack all right and on going one because they let the government in through that same back door, for a price).

Re:Fear sells.

[Neuronwelder]

Fear: Very well said!! They THRIVE on it!! It's GREAT for ratings!!

That doesn't sound like much.

Did counter overflow again?

Re: That doesn't sound like much.

It may be counting obvious exploit attempts. It's probably hard to distinguish failed logins from actual hacking attempts. Ever run sshd on an internet-facing system? You'll see the logs full of failed logins attempting to compromise the system with an sshd worm. These are pretty obvious, but when you're dealing with over a billion logins, it might be hard to separate the mistyped passwords from the actual hack attempts.

So 30 script kiddies

I see a password attack every 3 seconds on my server. I guess the attacker runs say 10 of these simultaneously to 10 different servers.

24 hours * 60 minutes * 20 per minute * 10 in parallel = 300k/day

So that would make Microsoft the victim of about 30-40 script kiddies?

Re:So 30 script kiddies

I was thinking it isn't that much if it included password attacks and the popularity of Microsoft, we average about 3 failed password attempts a second but the introduction of captcha forms every few attempts seem to be helping (well it means the script kiddies need to be a little more inventive so move on to easier targets).

Re:So 30 script kiddies

[Tablizer]

The irony: a handful of script-kiddies using millions of zombified Windows machines to attack MS. They wouldn't be so easy to zombify if MS took security seriously.

What about undetected attacks?

[aglider]

Those are more interesting by far as the byproducts are only visible after a while ... I think M$ won't ever tell us about them!

Re:What about undetected attacks?

I don't think you can report on things you don't know yet :))

Re:What about undetected attacks?

[aglider]

Exactly.

Still XPs around?

That CVE is specific for XP and Server 2003. It's still going to work until people remove those machines.

Big Deal

[Stinky+Cheese+Man]

This is news? Any computer with a direct connection to the internet get thousands of "cyber-attacks" every day, mostly from automated script-kiddy tools. It has been this way for at least the past 20 years.

'entity'

Cyberattacks is an entity?

Re: beeeellionz of haxx0rz on teh intarwebbertube

Pretty sure it does in this case.

And with win8/10 "cloud" login

And thanks to the cloud all i have to do is pwn your single hotmail/live ID and i have EVERYTHING you have, docs, images, mail, remote wipe, ALL OF IT including control of your PC, you haven't lost control of just email but now the whole box and its contents :-D .

from a single compromised login.
thanks Microsoft

Re: And with win8/10 "cloud" login

There is by default no remote access to a win10 pc, so you are assuming I copied all that data you mentioned to Onedrive. Also, 2 factor login is encouraged, even if you have my password you won't get anywhere.

Re:And with win8/10 "cloud" login

It's quite possible to set up Windows 10 without the Microsoft Account diddle - which by the way is worse than it sounds because if you take that default it's not only a cloud thing but also the Administrator of your local machine. Just decline that and set up local accounts, and run normally as a limited user, the way you always did. If you don't need it for passing data around, decline use of Onedrive as well (or uninstall it if you can - MS will reinstall it if you do, probably), which you can, and with the newly reduced 5GB limit it's hardly worth the effort as a backup device anyway. If you do have/use a MS Account, log in using a non-MS browser, do your business, and log out, then kill the browser instance (having set it to discard cache etc. on close, of course). We're supposed to be at least moderately tech-savvy around here, aren't we? RTFM, or at least read the whole page of installation options?

The future doesn't need to be "cloudy" all the time. Partly, perhaps, but it can be by choice.

Re:And with win8/10 "cloud" login

And thanks to the cloud all i have to do is pwn your single hotmail/live ID and i have EVERYTHING you have, docs, images, mail, remote wipe, ALL OF IT including control of your PC, you haven't lost control of just email but now the whole box and its contents :-D .

from a single compromised login. thanks Microsoft

You shouldn't thank Microsoft, you should educate yourself a bit, what you are claiming is not true.

Re:And with win8/10 "cloud" login

And thanks to the cloud all i have to do is pwn your single hotmail/live ID and i have EVERYTHING you have, docs, images, mail, remote wipe, ALL OF IT including control of your PC, you haven't lost control of just email but now the whole box and its contents :-D .

from a single compromised login. thanks Microsoft

I know this is Slashdot and configuring your own OS is hard, but you don't have to use the Microsoft Account ID for your Windows login. Even if you do, it is a local login, no remote access to data. And if you do copy your data to Onedrive or similar you are pretty non-intelligent if you don't protect it with 2 factor login and trusted devices, so you will get nowhere with your Hotmail login info.

Critical Questions

1. How many more attacks are they not able to detect?
2. How many undetected attacks are successful?
3. How do you think it's still a good idea to centralize identity management for everyone into a single point ripe for the picking?
4. What do you suppose will happen WHEN there is a breach?

10 million

10 million people who didn't realize you could access anyone's office 365 and outlook accounts without a password at all.

Oh,

[God+of+Lemmings]

They must have started counting their own windows 10 installers..

more scary than both

[phantomfive]

More scary than hackers or ISIS: the IRS. You do not want to get audited, those are the people who took down Al Capone.

Re: beeeellionz of haxx0rz on teh intarwebbertube

m$ does run Linux. It actually uses Linux a lot on its azure platform.

Of Course That Includes

Of course that includes people logging onto microsoft dot com using Linux.

Good.

Good. Fuck 'em! Can't wait to read about the inevitable bankruptcy and destruction of that wretched goddamned fucking company.

The icing on top of that cake would be the conviction and sentencing to decades of prison time, of all the assholes who have been responsible for all the evil those motherfuckers have perpetrated over the course of the company's existence.

I wonder, philosophically, if that includes all their shareholders. Should they be counted as responsible parties too?

Re:Good.

[Tablizer]

As much as I hate MS would personally LOVE to see them die a miserable painful writhing frothy death, Google and Apple need competition to avoid yet more dickass monopolies and oligopolies.

Re:Good. [correction]

[Tablizer]

Correction: should be "and would personally"

I believe Microsoft

10 million attacks per day... alright so then you've got to be out of your mind to use Azure or any Microsoft service.

10 million a day?

[DiEx-15]

Must be a slow day for them, then!