Microsoft says Russia was the source of many of the country's cyber attacks last year, followed by North Korea, Iran and China. In its latest Digital Defense report, the company highlights the trend of cybercrime activity, which is increasing in size and complexity every month.
Cyber attacks are on the rise, and Microsoft says Russian-backed hackers are responsible for more campaigns collected by all countries.
The company's digital defense report this year from a wealth of data and a number of trends related to cybercrime, supply chain security, mixed labor, disinformation, and malicious activities of the national government such as data breaches and attacks are considered ransomware.
< p> (Click to expand)
In a report, Microsoft Vice President of Security and Customer Trust Tom Burt said that less than 58% of all cyber attacks the company observed between July 2020 and June 2021 were solely from Russia. Not only that, but attacks from the region are getting more and more effective - roughly one in three people manage to endanger the security of the targeted organizations or populations.
More than half of the operations were carried out by the Russians. Government agencies appear to be directed to government agencies and medical institutions to gather information about foreign policy and national security. The United States, Britain and Ukraine were the most targeted countries.
< p> (Click to enlarge)
Almost all remaining nation-state activities have been observed from China, Iran and North Korea, China is largely responsible for the SolarWinds and Exchange Server attacks, but has some of the most talented white-hat hackers in the world. Some Chinese actors, such as CHROMIUM, have been seen targeting neighboring countries to gain insights into investments, negotiations and economic resilience programmes. Others, like NICKEL, have done the same with government agencies in Europe and Central and South America.
Iranian hacker groups collaborated with Russian hackers to undermine the US presidential election last year. Iran recently escalated its cyber attacks on Israel amid rising tensions between the two countries, according to a Microsoft report.
North Korea has a long history of attacking cryptocurrency exchanges and mining to extract funding for its weapons program. However, as the pandemic spread to the country's fragile economy, North Korean hackers from the notorious LAZARUS group sought to dig into details of online shoppers' cards and social engineering campaigns targeting security researchers.
Overall, nearly 80% of nation-state activities targeted government agencies and organizations. Over the past three years, Microsoft has warned its customers at least 20,500 times that malicious gamers are trying to hack their system. Redmond is just one of many companies in the broader security community, so its focus is limited to some cyberattack.Also read: Are you afraid of ransomware attacks? Here's how to protect yourself with Ransomware Protection in Windows 10
Ransomware attacks have also gotten worse, as activists have grown bolder over the past year. Some of you may remember the colonial pipeline attack earlier this year, which provoked a strong response from the government. However, Microsoft targets ransomware campaigns (13%), financial services (12%), government (11%), manufacturing (12%) and healthcare (9%). Nor does it help because the "cybercrime-as-a-service" economy is quickly becoming a vast online marketplace where anyone - even the less technically-minded among us - can buy low-cost ransomware for $66. Then you have user authentication for a variety of services or organizations selling each combination for between $1 and $50, in some cases much more depending on the perceived value to the victim.
< p> (Click to enlarge) p>
All of this is facilitated by a diverse ecosystem of cryptocurrency deposit services that act as intermediaries between buyers and sellers. This has led the US Department of Justice to form a new crypto enforcement team that deals with criminals who misuse digital tokens, which Microsoft says is a step in the right direction.
Another positive trend is that governments and companies are getting closer to reporting and dealing with cybersecurity incidents. Some countries enact new laws that consider these incidents a threat to national security. A notable example is the Netherlands, which will use intelligence and armed forces to respond to ransomware attacks - a decision other countries are likely to reverse in the coming years. Finally, Microsoft has raised the challenges of creating better security for its shared workforce. Several companies are currently moving into relatively unknown waters for hybrid and remote business having had to move in that direction due to the coronavirus pandemic. This has created a broader level of cybercriminals, but the risks can be reduced by following the basic principles of cybersecurity.
(Click to enlarge)
One recommended step is to make everyone in your organization have multi-factor authentication, which is one of the cheapest layers of security you can get. Add . Microsoft says that this alone can prevent 98% of the attacks we see today because the person who stole or purchased the data couldn't effectively use it to break into your network.
The good news is that Microsoft 220 has seen an increase in the use of multi-factor authentication between partner companies and customers. However, the company notes that we still have a long way to go before organizations can use stronger authentication methods.
Microsoft: More than half of nation-state cyberattacks come from Russia