Skip Links

Microsoft: We're not vulnerable to DDoS attacks

Microsoft's John Howie claims Microsoft security is stronger than Sony and RSA which were hacked due to "rookie mistakes." The software giant also released Volume 10 of its Security Intelligence Report.

By Ms. Smith on Wed, 07/06/11 - 2:30pm.

Uh-oh. There's nothing quite like throwing down the gauntlet and virtually taunting hackers to prove a proud boast is false. In what some attackers might consider a dare,  John Howie, Microsoft's senior director in the Online Services Security & Compliance (OSSC) team, basically claimed that Microsoft sites are unhackable and can't be DDoSed.

According to Microsoft, "rookie mistakes" by Sony and security firm RSA caused the corporations to be brought down by hackers. Howie told Computing News that Sony was coded badly and failed to patch its servers. "These are rookie mistakes," Howie said.  In regards to the breach at RSA, Howie stated, "RSA got hacked because someone got socially engineered and opened a dodgy email attachment. A rookie mistake."

Howie added, "At Microsoft we have robust mechanisms to ensure we don't have unpatched servers. We have training for staff so they know how to be secure and be wise to social engineering. We have massively overbuilt our internet capacity, this protects us against DoS attacks. We won't notice until the data column gets to 2GB/s, and even then we won't sweat until it reaches 5GB/s. Even then we have edge protection to shun addresses that we suspect of being malicious."

In other Microsoft security news, after analyzing 600 million computers worldwide, Microsoft released Volume 10 of its Security Intelligence Report (SIR). It  focuses on malware, software vulnerability disclosures, vulnerability exploits, and related trends. The majority of all vulnerabilities in 2010 were vulnerabilities in applications versus operating systems or web browsers. Exploiting Java vulnerabilities topped the list of exploitation categories over generic HTML/scripting exploits, operating system exploits, and document exploits. Adobe Acrobat and Reader accounted for the highest number of document format exploits. Windows 7 and Windows Server 2008 R2 had the lowest operating system infection rate for both client and server platforms. 64-bit versions of Windows 7 which "appeal to a more technically savvy audience than their 32-bit counterparts" have the lowest infection rates.

In regard to malicious websites, phishers targeted gaming sites in the first half of 2010 but then targeted social networks. Yet the "number of active sites targeting gaming sites remained relatively high during the second half of the year, which suggests that more campaigns may be coming."

According to the SIR [PDF] Global Threat Assessment graph below, in the 4th quarter of 2010, the most common threat in the USA  was miscellaneous Trojans which affected 38.6% of all cleaned computers. This was down from 43.8% in the 3rd quarter. The second most common threat was Adware which affected 28.3% of all cleaned computers and was up from 23% in the third quarter. "Miscellaneous Potentially Unwanted Software" was the third most common threat in the U.S. and affected 24.6% of cleaned computers. The MSRT detected malware on 11.6 of every 1,000 computers scanned in U.S. in 4Q10 giving the States "a CCM score of 11.6, compared to the 4Q10 average worldwide CCM of 8.7."

In the SIR Key Findings, JS/Pornpop which causes pop-under advertisements with adult content was the most commonly detected "malware threat family." Yet for enterprise, Pornpop was the fourth most common malware family "detected much less often on domain-joined computers." The reasons seem ovbious, since many corporate policies block illicit content . . . plus it would be rather stupid to surf porn at work.  Instead, Win32/Conficker led enterprise threats.

For more information, you can download the Key Findings Summary [PDF] or full 2010 SIR report on Microsoft.

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic