Microsoft Continues To Beat the Conflicker Drum -- Redmondmag.com

Microsoft Continues To Beat the Conflicker Drum

By Chris Paoli
04/25/2012

Listening to Tim Rains, director of Microsoft Trustworthy Computing, discuss today's release of the semi-annual Microsoft Security Intelligence Report (SIR), one might think it's 2008 all over again. And that's because Microsoft chose to spotlight that pesky Conficker worm that we've all been dealing with for the past four or so years.

So why is Microsoft sending up the smoke signals for a worm that hasn't seen a variant in over two years? Because the infection continues to spread. Microsoft said that over 600 million systems fell victim to it during the second half of 2011.

What's even more disheartening is the fact that 92 percent of these infections were caused by a hacker either swiping or guessing your password.

If I was a software developer like Microsoft, this figure would get under my skin. No matter how well you secure your products, no matter how quickly you respond to found vulnerabilities and no matter how much you beat the drum for stronger passwords (look at today's SIR release), you can't fully protect against bad habits and user ignorance.

How do you deal with user ignorance when it comes to passwords in your organization? Are you guilty of employing unsafe, yet easy-to-remember passwords? Let me know at [email protected].

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.