Microsoft Digital Defence Report 2023: Microsoft Issues New Cybercrime and State-Sponsored Cyber Operations Report
Microsoft Digital Defence Report 2023: Microsoft Issues New Cybercrime and State-Sponsored Cyber Operations Report
As stated by Microsoft in its Microsoft Digital Defence Report 2023, the countries most frequently targeted by cyberespionage and cybercrime threat actors are still the US, Ukraine, and Israel.
According to a recent analysis by Microsoft, the United States, Ukraine, and Israel are identified as the primary targets of cyberespionage and cybercrime attacks among a total of 120 countries that have been subjected to such attacks.
According to the tech giant in its Microsoft Digital Defence Report 2023, the attacks that were seen were driven by nation-state espionage and efforts to exert influence. Furthermore, it was found that over 40% of these attacks specifically targeted organizations involved in critical infrastructure. NATO member states were subject to approximately 50% of the observed cyberattacks on certain occasions.
According to Microsoft, the noteworthy attacks that garnered attention in the previous year were primarily centered around causing destruction or attaining financial benefits through ransomware. However, recent data indicates a shift in the major purpose behind these attacks, with a renewed focus on stealing information, clandestinely monitoring communication, or manipulating the content that individuals consume.
Based on the most recent Digital Defense Report (PDF – direct download) released by the company, it has been observed that during the period spanning from July 2022 to June 2023, Russian intelligence agencies have exhibited an increased level of aggression in their cyber attacks, specifically in relation to their involvement in the conflict in Ukraine. Concurrently, Iranian threat actors have been observed to intensify their efforts in conducting manipulative campaigns and targeting networks of significance for the purpose of espionage.
Both Russia and China have expanded their influence efforts, with Russia aiming to scare Ukrainian populations worldwide and China disseminating clandestine anti-US propaganda specifically targeting global Chinese-speaking and other communities.
Based on the analysis released by the prominent technology company, it has been observed that threat actors backed by states are progressively utilizing propaganda as a means to weaken democratic institutions and manipulate public opinion at both national and international levels.
China has significantly increased its state-sponsored cyberespionage efforts, which support its Belt and Road Initiative, as well as its targeting of important US military assets, major facilities, and essential infrastructure. In parallel, North Korean hackers have been observed focusing on a company involved in submarine technology, while persisting in their activities related to bitcoin theft.
The United States, Ukraine, and Israel have consistently experienced a high frequency of cyber attacks. However, during the past year, there has been a noticeable expansion in the geographical extent of these attacks on a worldwide scale. This phenomenon is notably evident in regions commonly referred to as the Global South, with a specific emphasis on Latin America and sub-Saharan Africa. Iran has expanded its activities in the Middle East. According to Microsoft, entities engaged in the formulation and implementation of policies were more susceptible to targeting, aligning with the observed trend toward espionage activities.
Based on the study of Microsoft Digital Defence Report 2023 provided by the prominent technology company — Microsoft, it is evident that threat actors supported by governments are progressively utilizing propaganda as a means to weaken democratic institutions and manipulate public opinion on both national and international scales.
Microsoft has also discovered that threat actors are employing artificial intelligence (AI) to enhance their influence operations. However, it is worth noting that this technology plays a crucial role in defense strategies, as it facilitates the automation and enhancement of several aspects such as detection, analysis, response, and prediction.
According to Microsoft in its Microsoft Digital Defence Report 2023, there has been a notable surge of 200% in human-operated ransomware assaults since September 2022, specifically aimed at enterprises and characterized by tailored ransom demands. According to research by Microsoft, there has been a twofold increase in the occurrences of data exfiltration subsequent to the breach since November 2022.
The technology corporation additionally highlights that a majority exceeding 80% of detected attacks may be traced back to unmanaged or bring-your-own devices. Furthermore, ransomware operators are strategically targeting vulnerabilities in less prevalent software as a means to evade detection.
The survey additionally indicates an increase in the occurrence of fatigue attacks targeting password-based and multi-factor authentication (MFA) systems. In the preceding year, Microsoft recorded an approximate daily count of 6,000 instances of MFA fatigue, along with an average rate of 4,000 password attacks per second in the year 2023.
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.
Read More Article Here: