A whopping 81 percent of all cyberattacks are due to weak or stolen passwords, according to Microsoft in a blog post about its Threat Protection service. Because many users reuse the same password across multiple websites, compromised login credentials can also be used to access the user's other accounts.
Over the last couple of weeks, attackers targeted users of Nest, Basecamp and Dailymotion. In these attacks, cybercriminals reused stolen and decrypted passwords to gain access to user accounts on the affected websites. Earlier this month, Google announced it had reset the passwords of 110 million users because their passwords appeared in data leaks.
Further in the blog, Microsoft reports that its Threat Protection service has protected several public sector institutions and non-governmental organizations against “a very aggressive cyberattack.”
The attack was a so-called social engineering attack, in which the attackers sent emails with a link to a .ZIP file that contained a malicious .LNK file. When the .LNK file was opened, malware was downloaded and executed on the system. Microsoft suspects that it was a nation-state attack and boasts that even such a sophisticated attack, of which samples had never been seen before, was blocked in its early stages by its Threat Protection service.
The Microsoft Threat Protection service is only for Windows 10 Enterprise and Microsoft 365 customers. However, it's likely that parts of the technology are also shared with Windows Defender, the built-in anti-malware application in Windows 10.