More than half of state-sponsored cyberattacks come from Russia, Microsoft says
Russia has accounted for more than half of all cyber attacks observed by Microsoft in the past year, the company said.
The software giant has published its annual report Digital Defense Report Thursday, which covers the period from July 2020 to June 2021.
The main strength of the study is that attacks by Russian state actors account for 58% of all computer intrusions.
The success rate of hackers in the country has increased from 21% last year to 32% in 2021.
The three main countries targeted by these attacks were the United States, Ukraine and the United Kingdom.
Their main targets were government intelligence-gathering agencies, according to the study, dropping from 3% of attacks in 2020 to 53% in 2021.
Hackers mainly focus on agencies involved in foreign policy, national security, or defense, such as the US network monitoring software company. Solar winds.
What is the report about?
The report is a compilation of 134 pages of data and information collected and observed by Microsoft.
Its main goal is to help businesses, organizations and governments around the world better understand the cyber world and protect themselves in the vast cybersecurity landscape.
During the pandemic, Microsoft noticed an increase in cyber attacks and explained it as increased reliance on telecommunications, giving “malicious actors new vectors to access targeted private networks that were scrambling to support new ways of doing business.” .
When a customer, whether an organization or an individual account holder, is targeted by state-sanctioned activity tracked by Microsoft, they send a nation-state notification (NSN ).
Over the past three years, it has delivered over 20,500 NSNs.
These cyber attacks were carried out by state actors who work for a government to disrupt or compromise targets and breach their security to access valuable data. In other words, they have a “license to hack”.
“Victims of attacks often have information relevant to the intelligence needs of an opposing government, which is why so many government agencies and think tanks are under attack,” the report noted.
However, the role of private industry in supporting remote workers, increasing health services, COVID-19 vaccine research, and COVID-19 vaccine distribution have also made them more common targets. for those sophisticated actors looking for information for national security or government intelligence purposes. ”
What’s in the report?
Russia isn’t the only country on Microsoft’s radar, according to the report. The largest number of attacks recorded came from North Korea, Iran and China.
For the first time, South Korea and Turkey have entered Microsoft’s annual report.
Most of the sectors attacked showed that nearly 80 percent of those targeted were either in government, NGOs or think tanks.
The state of cybercrime
Microsoft has witnessed an increase in cybercrime, particularly ransomware attacks, which were already a reported issue in the 2020 survey.
“Cybercriminals target and attack all sectors of critical infrastructure, including healthcare and public health, information technology (IT), financial services and energy sectors,” the report states. This year.
For example, identity and password attacks as well as phishing attacks are on the increase.
“Why would an attacker break in when he can log in?” Asks the report. More than 15,000 phishing sites have been neutralized in three months, according to Microsoft.
The investigation also looked at Distributed Denial of Service (DDoS) attacks. These types of attacks hinder or completely prevent users from accessing websites by sending multiple requests at the same time in order to overload them and make user browsing extremely slow.
The Internet of Things (IoT) also appears to be one of the most important targets, with the proliferation of connected objects. With such a proliferation, Microsoft points to a certain lack of rigor in terms of security, since 20 million devices were found to use the default password “admin” in just 45 days of signals.
How to secure your devices?
How can the user prevent such violations? At the end of the report, Microsoft offers some general guidelines, gathered under the “cybersecurity bell curve,” a reminder of basic safety hygiene.
If properly applied, these habits can protect against 98% of attacks, assures the web giant.
As we increasingly do our work online, so do criminals and attackers of nation states.
Getting the basics right, such as enabling multi-factor authentication, enforcing least privileged access, using antimalware, or updating versions, is often the best way to disrupt and to prevent their attacks.