{"id":79811,"date":"2018-01-23T09:00:13","date_gmt":"2018-01-23T17:00:13","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=79811"},"modified":"2023-05-15T23:07:43","modified_gmt":"2023-05-16T06:07:43","slug":"overview-of-rapid-cyberattacks","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/","title":{"rendered":"Overview of rapid cyberattacks"},"content":{"rendered":"<p>Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked with, these rapid cyberattacks took down most or all IT systems in just about one hour, resulting in $200M &#8211; 300M USD of damage at several customers. <a href=\"#_ftn1\">[1]<\/a><\/p>\n<p>Attackers assembled several existing techniques into a new form of attack that was both:<\/p>\n<ul>\n<li><strong>Fast<\/strong> &#8211; Took about an hour to spread throughout the enterprise<\/li>\n<li><strong>Disruptive<\/strong> &#8211; Created very significant business disruption at global enterprises<\/li>\n<\/ul>\n<h2>What is a rapid cyberattack?<\/h2>\n<p>Rapid cyberattacks are fast, automated, and disruptive\u2014setting them apart from the targeted data theft attacks and various commodity attacks, including commodity ransomware, that security programs typically encounter:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-79814 aligncenter\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png\" alt=\"\" width=\"1024\" height=\"371\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-300x109.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-768x278.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-2000x726.png 2000w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack.png 2006w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p style=\"text-align: center;\"><em>Figure 1: Characteristics of rapid cyberattacks<\/em><\/p>\n<ul>\n<li><strong>Rapid and Automated<\/strong> &#8211; Much like the worms of decades past (remember Nimda? SQL Slammer?), these attacks happen very rapidly because self-propagation is fully automated once the malware is launched.<\/li>\n<li><strong>Disruptive<\/strong> \u2013 Rapid cyberattacks are designed to be disruptive to business and IT operations by encrypting data and rebooting systems.<\/li>\n<\/ul>\n<h2>What are the technical and business impacts of a rapid cyberattack?<\/h2>\n<p>From a technical perspective, this represents the near-worst case technical risk, and resulting business risk, from a cybersecurity attack. While many of us in cybersecurity have grown accustomed to and jaded with sales presentations describing \u201cdoomsday scenario\u201d tactics, these attacks indisputably represent real world cases of mass business impact on organizations.<\/p>\n<p>For many of the Petya victims, most or all their computers were taken down in about one hour (~62,000 servers and workstations in a global network, in one case). In these customer environments where our incident response teams were engaged, many critical business operations came to a full stop while the IT team recovered systems.<\/p>\n<p>From a business perspective, some organizations suffered losses in the range $200M &#8211; 300M USD and had to change the operating results they reported to shareholders. Note that the actual level of business impact can vary by industry, organization size, existing risk management controls, and other factors. However, it\u2019s clear that the monetary and resource impacts from rapid attacks can be significant.<\/p>\n<h2>What makes rapid cyberattacks different from other attacks?<\/h2>\n<p>Petya differed from several accepted attack norms, taking many defenders by surprise. Here are four of the ways it did so:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-79817 aligncenter\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/What-made-Petya-different-1024x462.png\" alt=\"\" width=\"1024\" height=\"462\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/What-made-Petya-different-1024x462.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/What-made-Petya-different-300x135.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/What-made-Petya-different-768x347.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/What-made-Petya-different.png 1841w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p style=\"text-align: center;\"><em>Figure 2: What made Petya different<\/em><\/p>\n<ol>\n<li><strong>Supply chain<\/strong> &#8211; One of the more unusual aspects of the Petya attack is that it used a supply chain attack to enter target environments instead of phishing or browsing, which are vastly more prevalent methods used by threat actors for most attacks. While we are seeing an emerging trend of supply chain attacks, particularly in IT supply chain components like the MEDoc application, it is still a small minority of attack volume vs. the usual phishing\/browsing attack methods.<\/li>\n<li><strong>Multi-technique<\/strong> \u2013 While Petya wasn\u2019t the first malware to automate propagation or use multiple propagation techniques, its implementation was an extremely effective combination of exploiting a powerful software vulnerability and using impersonation techniques.<\/li>\n<li><strong>Fast<\/strong> \u2013 The propagation speed of Petya cannot be understated. Prior to AV signatures being available, it left <em>very little<\/em> time for defenders to react (detect + manually respond or detect + write automatic response rules), leaving defenders completely reliant on preventive controls under Protect function in the NIST cybersecurity framework\u00a0and recovery processes.<\/li>\n<li><strong>Destructive<\/strong> \u2013 Petya rebooted the system and encrypted the master file table (MFT) of the filesystem. This made it more difficult to recover individual machines, but also spared many enterprises an even worse impact because it didn\u2019t encrypt storage which wasn\u2019t accessible after this reboot (e.g. Petya\u2019s boot code didn\u2019t have SAN drivers and couldn\u2019t reach that storage).<\/li>\n<\/ol>\n<h2>More information<\/h2>\n<h4>To learn more about rapid cyber attacks and how to protect against them, watch the on-demand webinar: <a href=\"https:\/\/aka.ms\/rapidattack-webinar\">Protect Against Rapid Cyberattacks (Petya [aka NotPetya], WannaCrypt, and similar)<\/a>.<\/h4>\n<p>Look out for the next blog post of a 3-part series to learn how Petya works and key takeaways.<\/p>\n<hr \/>\n<p><a href=\"#_ftnref1\">[1]<\/a> <a href=\"https:\/\/www.enterprisemobilityexchange.com\/news\/notpetya-cyber-attack-costs-maersk-at-least-200m\">https:\/\/www.enterprisemobilityexchange.com\/news\/notpetya-cyber-attack-costs-maersk-at-least-200m<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked [&hellip;]<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3662],"topic":[3674,3688],"products":[],"threat-intelligence":[],"tags":[3753,3822],"coauthors":[1906],"class_list":["post-79811","post","type-post","status-publish","format-standard","hentry","content-type-news","topic-incident-response","topic-threat-trends","tag-cybersecurity-policy","tag-microsoft-security-insights"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Overview of rapid cyberattacks | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Overview of rapid cyberattacks | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-23T17:00:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:07:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png\" \/>\n<meta name=\"author\" content=\"Mark Simos\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mark Simos\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mark-simos\/\",\"@type\":\"Person\",\"@name\":\"Mark Simos\"}],\"headline\":\"Overview of rapid cyberattacks\",\"datePublished\":\"2018-01-23T17:00:13+00:00\",\"dateModified\":\"2023-05-16T06:07:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\"},\"wordCount\":702,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png\",\"keywords\":[\"Cybersecurity policy\",\"Microsoft Security Insights\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\",\"name\":\"Overview of rapid cyberattacks | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png\",\"datePublished\":\"2018-01-23T17:00:13+00:00\",\"dateModified\":\"2023-05-16T06:07:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack.png\",\"width\":2006,\"height\":726},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Overview of rapid cyberattacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Overview of rapid cyberattacks | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/","og_locale":"en_US","og_type":"article","og_title":"Overview of rapid cyberattacks | Microsoft Security Blog","og_description":"Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked [&hellip;]","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/","og_site_name":"Microsoft Security Blog","article_published_time":"2018-01-23T17:00:13+00:00","article_modified_time":"2023-05-16T06:07:43+00:00","og_image":[{"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png"}],"author":"Mark Simos","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Mark Simos","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/mark-simos\/","@type":"Person","@name":"Mark Simos"}],"headline":"Overview of rapid cyberattacks","datePublished":"2018-01-23T17:00:13+00:00","dateModified":"2023-05-16T06:07:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/"},"wordCount":702,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png","keywords":["Cybersecurity policy","Microsoft Security Insights"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/","name":"Overview of rapid cyberattacks | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack-1024x371.png","datePublished":"2018-01-23T17:00:13+00:00","dateModified":"2023-05-16T06:07:43+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/01\/Rapid-cyberattack.png","width":2006,"height":726},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/01\/23\/overview-of-rapid-cyberattacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Overview of rapid cyberattacks"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/79811"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=79811"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/79811\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=79811"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=79811"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=79811"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=79811"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=79811"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=79811"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=79811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}