Microsoft confronts cyberthreats by eliminating basic authentication.
Weak authentication systems in web applications and services are a Trojan horse for cyber attacks. In order to counteract them, logins with double or multiple authentication factor are already used in a large number of services, where the user often has to confirm access by entering a token sent to the phone via SMS or even by fingerprint. Today we know that basic systems based on a username and password have proven to be ineffective against a large percentage of attacks.
However, according to the latest Cyber Signals report from Microsoft elaborated with data from 1.2 billion Azure users, only 22% of users have this mechanism enabled, although Azure technology allows the user to enable or disable this security measure.
Why is it important to strengthen authentication?
According to Microsoft data, 50 million password attacks occur every day.
In its fight against cyber-attacks, Microsoft has been betting heavily on the double authentication factor for several years, and in order to avoid attacks that can be solved by this measure, it has set an expiration date for protocols that do not allow this type of authentication.
As a result, all companies that have an O365 tenant and use basic or legacy authentication protocols, as well as weak encryption protocols (TLS 1.0 TLS 1.1 and 3DES) will see these services stop working over the next few months.
What is basic authentication in Microsoft?
Basic or legacy authentication methods are those that are based on username and password only. In contrast, modern authentication at Microsoft refers to a combination of authentication and authorization methods that include multi-factor authentication (MFA) methods, authorization methods (OAuth) and conditional access policies to Microsoft cloud services (Azure).
How will the end of basic authentication affect this?
Microsoft will begin to deprecate basic authentication from July 2022.
It affects all Microsoft services, from Office tools, Outlook, etc. to network services such as Microsoft Exchange.
Muchos de estos servicios se encuentran en sistemas operativos o software de Windows que ya no cuentan con soporte, por lo que suponen a día de hoy un riesgo adicional en la ciberseguridad de las empresas, ya que no pueden actualizarse contra las nuevas amenazas. Los protocolos que no podrán funcionar con autorización básica son MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS) y Remote PowerShell.
Securing Microsoft environments and cloud solutions
We are specialists in analyzing the company’s M365 implementation and we adapt the platform by integrating cybersecurity tools and applying specific configurations so that the information is protected at all times.
At SOFISTIC we perform a multilevel analysis of the situation of the cloud services, analyzing possible configuration defects or open doors in order to prevent future attacks.
At Sofistic we are delighted to announce that the security operations center Sofistic's SOC has recently achieved to be recognized as a member of FIRST, the international association that lists the most relevant cybersecurity incident response teams (CSIRTs, CERTs)...