Who looks at your data? Microsoft highlights cyber espionage

Share
Microsoft’s data shows that the primary motivation for cyberattacks has swung back towards a desire to steal information, covertly monitor communication, or to manipulate what people read
In its annual report, Microsoft has alerted to an increase in global cyber espionage operations, citing a need for businesses to improve digital defences

Microsoft recently released its Microsoft warns in its annual Digital Defense Report 2023 and highlights a rise in government-sponsored cyberespionage campaigns and information operations.

In the past year, Microsoft suggests that cyberattacks have impacted 120 countries, with government-sponsored spying and with influence operations (IO) also rising. Nearly half of these attacks targeted NATO member states and more than 40% were levelled against government or private-sector organisations involved in building and maintaining critical infrastructure. 

As threats continue to evolve, with changing criminal tactics and trends in phishing, businesses must operate with caution and intelligence to avoid potential cyberattacks.

How is new technology being used?

Whilst plenty of attacks over the past year were often focused on destruction or financial gain with ransomware, Microsoft’s data shows that the primary motivation has swung back towards a desire to steal information, covertly monitor communication, or to manipulate what people read.

The company cites the US, Ukraine and Israel as the most heavily attacked countries, but over the past year there has been an overall increase in the global scope of attacks. This is particularly the case, according to Microsoft, across Latin America and sub-Saharan Africa especially.

Organisations involved in policy-making were among the most targeted, in line with the shift in focus to espionage.

Source: Microsoft

Artificial intelligence (AI) has already been highlighted by Microsoft as having the potential to be used as a weapon in the cyber space - but greater regulations are coming.

Despite being used to advance cyberattack complexity, AI will also be crucial for successful defence, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis and prediction. 

Microsoft highlights how AI can also enable large language models (LLMs) to generate natural language insights and recommendations from complex data and ultimately help to make analysts more effective and responsive. It is already helping to reverse the rising wave of cyberattacks, particularly in Ukraine.

A global call for fundamental security ‘hygiene’ practices

Microsoft also warns of password-based and multi-factor authentication (MFA) fatigue, having observed approximately 6,000 MFA fatigue attempts per day over the past year. 

According to the company, the first quarter of 2023 saw a dramatic tenfold surge in password-based attacks against cloud identities, especially in the education sector, from around 3 billion per month to over 30 billion.

That is an average of 4,000 password attacks per second targeting Microsoft cloud identities this year alone.

Key facts
  • 4,000 attacks blocked per second
  • 300+ threat actors tracked
  • 100,000+ domains removed
  • 135 million managed devices
  • 65 trillion signals synthesised

With this in mind, companies have been reminded to be alert to the rising risks of dual ransomware attacks, with the The Federal Bureau of Investigation (FBI) in particular highlighting awareness of when the same organisation is targeted more than once in quick succession.

The warning came in an FBI private industry notification dated 27 September 2023, stating: “The FBI noted a trend of dual ransomware attacks conducted in close proximity to one another. During these attacks, cyber threat actors deployed two different ransomware variants.”

It also pointed out that a range of ransomware tools are being used in different combinations that could cause potentially devastating consequences for companies. “This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments. Second ransomware attacks against an already compromised system could significantly harm victim entities,” the FBI says.

To mitigate risk, the FBI recommends companies review their security posture, maintain offline back-ups of critical data and ensure those back-ups are encrypted.

In the midst of widespread anxiety about greater cyberattacks, there is widespread worry that businesses will be unable to keep up. Microsoft is clear - the vast majority of successful cyberattacks could be prevented if organisations implement what it refers to as key security practices, ensuring that they are kept up to date.

******

For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.

Share

Featured Articles

Cloudflare and the Push for E2E Encryption of Messaging Apps

Cloudflare has partnered with Whatsapp to deliver E2EE and Key Transparency for millions of users

Why Biden Was Proved Right on Push to Secure Water Utilities

The outgoing President has seen the threats posed by cyber attacks on specific utilise like water and has thus been pushing for tighter regulations

AI-Native Edge: Juniper Networks Vision of Networking

Juniper Network is aiming to offer visibility across network and security operations with its new Secure AI-Native Edge solution

DNV & CyberOwl Join to Give Shipping Huge Cyber Offering

Operational Security

Why is Active Directory a Concern for CISOs?

Cyber Security

Palo Alto Networks, Deloitte and The Push to Platformization

Cyber Security