back to article Never mind Russia: Turkey and Vietnam are Microsoft's new state-backed hacker threats du jour

Iran, Turkey and both North and South Korea are bases for nation-state cyber attacks, Microsoft has claimed – as well as old favourite Russia. While more than half of cyberattacks spotted by Redmond came from Russia, of more interest to the wider world is information from the US megacorp's annual Digital Defence Report about …

  1. Yet Another Anonymous coward Silver badge

    Password policies .... arghhhhh

    Apparently October is cyber month!

    So corporate It have sent out more security training with their normal inimitable style.

    An email to everyone with a link to some training video telling you not to click on random links

    It did contain useful information about passwords, "horsebatterystaple" instead of Password123 for example.

    Now we all have to change password, but the rules are max 16 chars, upper+lower+symbol+number !

    And the disabled pin login, the thing that Microsoft introduced so you didn't enter your password 20 times a day precisely so you could have a more secure password.

    And we have 2fa, which means having the Microsoft 2fa app on your phone, which they don't provide, but must be unrooted and you have to give IT the ability to manage the device in order to run the 2fa app.

    And somehow it needs a new 2fa when you open outlook, then teams, then office365, then onedrive.....

    1. Chris G

      Re: Password policies .... arghhhhh

      If I worked for a company who wanted to get access to my phone, root it and install an app on it for 2FA, they would have to provide a phone to do it on.

      My last employer before I retired, wanted me to install whatsapp on my phone, I said no so they gave me a cheap no name smartphone that I discovered had a tracking app on it, disabled the app, lost the phone twice and dropped it in the sea while working on the boss's yacht.

      They didn't bother with a replacement.

  2. Kabukiwookie

    Coming from a company that has according to the Snowden leaks been working with the NSA since 2007, this report should be taken for the US propaganda it is.

    1. Yet Another Anonymous coward Silver badge

      Russia are our friends, we have always been at war with Turkey

      1. Clausewitz 4.0

        Please remind ppl without prompt access to El Reg backend servers/logs to check your IP address or the IP from your VPN, from which country are you from, when making such assertions.

        1. martinusher Silver badge

          We're all in the IT game in one way or another but sometimes some of us need reminding about a few things.

          One is that IPv4 addresses aren't a reliable guide to a person's identity or location. You can make some guesses based on what organization an address is assigned to but addresses are so easy to spoof that anyone needing to disguise their true location can easily do so.

          Another is that you just can't tie a group -- "Russians", say -- to an individual "Russian". Our politicians do this all the time because that's what they do. We should know better; you can't make accurate deductions about a group of 150 million from the actions of an individual. (Same with "Chinese" -- there's billions of them and, no, they're not all alike.)

          Another is that any sophisticated hacking operation should be both hiding its tracks and possibly planting a trail of misleading information. It might also have reverse tracking information in it to figure out whether the code's been discovered and if so by whom.

          (Turkey and Vietnam may have taken over from Russia simply because the Russian government has decided to take action against domestic hackers because of the bad press they're getting. The people responsible are not likely to be physically present in any one location.)

  3. Anonymous Coward
    Big Brother

    Usual Suspects

    At this point, the Usual Suspects can be defined as Everyone.

  4. amanfromMars 1 Silver badge

    A Suitable Case for Immediate Therapy/Mental Health Treatment

    Does Uncle Sam Associates see everybody as an enemy destroying them and something to generate fleet of foot perverse interest for the creation of dollars for the spending and trashing and abandoning of home blood and treasure with global attacks on foreign civilian and alien paramilitary defences?

    Are there any pills/drugs cocktails available to prevent that illness taking over mad control of the host and becoming a Despised and Despotic Universal Pariah?

  5. Pascal Monett Silver badge

    "be protected from over 99 per cent of the attacks we see today."

    There is no protection for the idiot who clicks on a link in a mail he got from someone he doesn't know.

  6. clyde666

    hacker versus email

    Email is more trouble to most people than hacking.

    Either way, I monitor the Brute Force Monitor on one of my servers. Attacks / attempted attacks / attempted intruders from USA more than outnumber all other countries combined.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like