What else is causing this?
In a world of anonymous currencies, it is--‘impossible’ is a strong word, there’s no such thing--it’s very difficult to follow the money. And that’s how most criminals get caught, by following the money. Al Capone, one of the most famous criminals of all time, didn’t get caught by some big, tough macho guy knocking the door down. It was an accounting nerd who figured out he was doing tax evasion. They put him in jail for tax evasion.
We can‘t do that with all these anonymous currencies, which are used in 100 percent of at least ransomware and about 97 percent of all compensated cybercrime that has happened. [Systems and data are] the most valuable assets of companies, and we’ve created incentives for people to go and steal it. If you get caught, you get a slap on the wrist. And the chance of getting caught is almost zero, first, because it’s really hard to do it with an anonymous currency, and two, there’s no one to try to catch you. So we, Microsoft, and all the IT and security people are dealing with the same [stuff]. It has to be a layered approach. It has to be a compartmentalized approach. . ... Microsoft published what, a couple hundred vulnerabilities recently? It’s not a knock on Microsoft. Microsoft’s awesome. It’s not ‘if,’ it’s ‘when’ [you get hit], and the key thing you can do is build your architecture and your policies and your protocols [so that] when it happens, the impact is minimal.
And I think we demonstrated that in July. We had a breach and we had 56 out of 37,000 get hit. That‘s too many. How do we not get hit again? There are things we’re doing. Obviously, I’m not going to tell you what we’re doing because then the bad guys would have the information. But it’s about resource allocation. It’s about hiring really smart third-party companies. We had Krebs in here. We had FireEye in here. We have really smart people helping us and working with the feds on an ongoing basis. It’s not just, ’Hey, there’s a breach, help me.’