Microsoft Security Intelligence Report Volume 22 is now available

• Microsoft kicked off Microsoft 365
• Microsoft president calls for 'urgent collective action' after major cyberattack
• Microsoft asks for exception program on Trump immigration orders
• Microsoft helps start-up community in HCM City

In this 22nd volume, Microsoft has made two significant changes: organizing the data sets into two categories, cloud and endpoint; sharing data from a shorter time period, one quarter (January 2017 – March 2017), instead of the typical six months.

The threat landscape is constantly changing. Going forward, Microsoft plan to improve how they share the insights, and plan to share data on a more frequent basis - so that you can have more timely visibility into the latest threat insights.

Here are 3 key findings from the report: The frequency and sophistication of attacks on consumer and enterprise accounts in the cloud is growing (There was a 300 percent increase in Microsoft cloud-based user accounts attacked year-over-year (Q1-2016 to Q1-2017);

Cloud services such as Microsoft Azure are perennial targets for attackers seeking to compromise and weaponize virtual machines and other services, and these attacks are taking place across the globe; Ransomware is affecting different parts of the world to varying degrees.

Especially, ransomware encounter rates are the lowest in Japan (0.012 percent in March 2017), China (0.014 percent), and the United States (0.02 percent). Ransomware encounter rates are the highest in Europe vs. the rest of the world in 1Q17. 

Multiple European countries, including the Czech Republic (0.17 percent), Italy (0.14 percent), Hungary (0.14 percent), Spain (0.14 percent), Romania (0.13 percent), Croatia (0.13 percent), and Greece (0.12 percent) had much higher ransomware encounter rates than the worldwide average in March 2017.