Microsoft Overhauls Software Security After Major Azure Cloud Attacks

News Summary

Microsoft is overhauling its software security after a series of major attacks on its Azure cloud platform. The new initiative, dubbed the Secure Future Initiative (SFI), will focus on using automation and AI to improve the security of Microsoft’s cloud services, reduce the time it takes to fix cloud vulnerabilities, and implement better security settings out of the box.

Key Points

• Microsoft will use automation and AI to improve the security of its cloud services, cut the time it takes to fix cloud vulnerabilities, and implement better security settings out of the box.
• Microsoft plans to build an AI-based “cyber shield” to protect customers and countries globally.
• Microsoft aims to cut the time required to mitigate cloud vulnerabilities by 50%.
• Microsoft is moving identity platforms to confidential computing infrastructure to protect encryption keys from being compromised.
• Microsoft plans to implement more secure default settings for Multi-Factor Authentication (MFA) across a broader range of customer services over the next year.

Microsoft is taking significant steps to overhaul its software security following a series of major attacks on its Azure cloud services. The company has been at the center of several cybersecurity incidents in recent years, including the SolarWinds attack, a Microsoft Exchange Server flaw that led to the hacking of 30,000 organizations’ email servers, and a breach of US government emails by Chinese hackers via a Microsoft cloud exploit.

In response to these incidents, Microsoft has announced a comprehensive cybersecurity effort, the Secure Future Initiative (SFI). This initiative represents the most significant change to Microsoft’s security efforts since the launch of its Security Development Lifecycle (SDL) in 2004.

The SFI aims to transform how Microsoft designs, builds, tests, and operates its software and services. The company plans to leverage automation and artificial intelligence (AI) during software development to enhance the security of its cloud services. This approach is expected to reduce the time it takes to fix cloud vulnerabilities, enable better security settings by default, and harden its infrastructure to prevent encryption keys from falling into the wrong hands.

In addition to the SolarWinds and Exchange attacks, Microsoft has also been the victim of a number of other high-profile cyberattacks in recent years. These include:

• 2017: The WannaCry ransomware attack, which exploited a vulnerability in Microsoft Windows, infected hundreds of thousands of computers and caused billions of dollars in damage.
• 2018: The NotPetya ransomware attack, which also exploited a vulnerability in Microsoft Windows, caused widespread disruption to businesses and governments around the world.
• 2020: The Hafnium attack, which exploited vulnerabilities in Microsoft Exchange email server software to steal data from government agencies and businesses.

Microsoft is also a member of the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), and it works closely with these agencies to share threat intelligence and develop security best practices.

SFI is particularly relevant in light of several high-profile cyberattacks that Microsoft has experienced in recent years.

Key elements of the SFI include::

1. Transformation of Software Development: The SFI aims to transform how Microsoft designs, builds, tests, and operates its software and services.
2. Leveraging Automation and AI: Microsoft plans to use automation and artificial intelligence during software development to enhance the security of its cloud services.
3. Reducing Vulnerability Fix Time: The new approach is expected to reduce the time it takes to fix cloud vulnerabilities.
4. Better Security Settings: The initiative will enable better security settings by default.
5. Infrastructure Hardening: Microsoft aims to harden its infrastructure to prevent encryption keys from falling into the wrong hands.
6. Faster Response to Software Flaws: With the SFI, Microsoft aims to respond faster to software flaws and improve its overall cybersecurity posture.

This announcement comes in the wake of criticism over Microsoft’s handling of cybersecurity issues, including accusations of “blatantly negligent” practices related to a major breach that targeted its Azure platform. With the SFI, Microsoft aims to respond faster to software flaws and improve its overall cybersecurity posture.