Microsoft’s CVP of Fraud on Combating Ecosystem Abuse

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two expert guests to explore critical challenges in today’s evolving threat landscape. 

First, Sherrod sits down with Kelly Bissell, CVP of Fraud at Microsoft, to discuss the complexities of combating fraud and product abuse. Kelly digs into the unique challenges Microsoft faces, highlighting prevalent schemes such as crypto mining, tech support scams, and the exploitation of deepfakes. Kelly also shares insights into Microsoft’s proactive approach, including recent Azure policy changes and efforts to detect and prevent fraud across its services, especially those attempting to use the compute power for crypto mining. 

Later, Sherrod is joined by Priyanka Ramesha, Senior Threat Researcher on the Defender Experts team, to examine the rising risks of cloud-native attacks. They unpack why threat actors are increasingly targeting the cloud, exploiting its complexity, scalability, and common misconfigurations. Priyanka explains how attackers gain initial access through tactics like phishing, API exploitation, and OAuth abuse, and outlines their methods for credential theft, lateral movement, and data exfiltration. 

In this episode you’ll learn:      

• What crypto mining looks like in Azure and how Microsoft detects and prevents it 
• The five main areas of fraud and product abuse that Microsoft focuses on 
• How attackers exploit the complexity and misconfigurations in cloud infrastructures 

Some questions we ask:     

• How long do crypto mining operations run unnoticed in a customer's environment? 
• What changes did Microsoft make to its policy regarding crypto mining? 
• Why are legitimate apps sometimes compromised and used in attacks? 

Resources:  

View Kelly Bissell on LinkedIn   

View Priyanka Ramesha on LinkedIn  

View Sherrod DeGrippo on LinkedIn  

Related Microsoft Podcasts:                   

• Afternoon Cyber Tea with Ann Johnson 
• The BlueHat Podcast 
• Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.