Who looks at your data? Microsoft highlights cyber espionage

Microsoft’s data shows that the primary motivation for cyberattacks has swung back towards a desire to steal information, covertly monitor communication, or to manipulate what people read
In its annual report, Microsoft warns of an increase in global cyber espionage operations, citing a need for businesses to improve digital defences.

In its recently released annual Digital Defense Report 2023, Microsoft warns of a rise in government-sponsored cyberespionage campaigns and information operations.

In the past year, Microsoft suggests that cyberattacks have impacted 120 countries, with government-sponsored spying and influence operations (IO) also rising. Nearly half of these attacks targeted NATO member states and more than 40% were levelled against government or private-sector organisations involved in building and maintaining critical infrastructure.

As threats continue to evolve, with changing criminal tactics and trends in phishing, businesses must operate with caution and intelligence to avoid potential cyberattacks.

How is new technology being used?

Whilst plenty of attacks over the past year were focused on destruction or financial gain with ransomware, Microsoft’s data shows that the primary motivation has swung back towards a desire to steal information, covertly monitor communication, or to manipulate what people read.

The company cites the US, Ukraine and Israel as the most heavily attacked countries, but over the past year there has been an overall increase in the global scope of attacks. This is particularly the case, according to Microsoft, across Latin America and sub-Saharan Africa.

Organisations involved in policy-making were among the most targeted, in line with the shift in focus to espionage.


Artificial intelligence (AI) has already been highlighted by Microsoft as having the potential to be used as a weapon in the cyber space - but greater regulations are coming.

Despite being used to advance cyberattack complexity, AI will also be crucial for successful defence, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis and prediction. 

Microsoft highlights how AI can also enable large language models (LLMs) to generate natural language insights and recommendations from complex data and ultimately help to make analysts more effective and responsive. It is already helping to reverse the rising wave of cyberattacks, particularly in Ukraine.

A global call for fundamental security ‘hygiene’ practices

Microsoft also warns of password-based attacks and multi-factor authentication (MFA) fatigue, having observed approximately 6,000 MFA fatigue attempts per day over the past year.

According to the company, the first quarter of 2023 saw a dramatic tenfold surge in password-based attacks against cloud identities, especially in the education sector, from around 3 billion per month to over 30 billion.

That is an average of 4,000 password attacks per second targeting Microsoft cloud identities this year alone.

Key facts
  • 4,000 attacks blocked per second
  • 300+ threat actors tracked
  • 100,000+ domains removed
  • 135 million managed devices
  • 65 trillion signals synthesised

With this in mind, companies have been reminded to be alert to the rising risks of dual ransomware attacks, with the Federal Bureau of Investigation (FBI) in particular drawing attention to cases where the same organisation is targeted more than once in quick succession.

The warning came in an FBI private industry notification dated 27 September 2023, stating: “The FBI noted a trend of dual ransomware attacks conducted in close proximity to one another. During these attacks, cyber threat actors deployed two different ransomware variants.”

It also pointed out that a range of ransomware tools are being used in different combinations that could cause potentially devastating consequences for companies. “This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments. Second ransomware attacks against an already compromised system could significantly harm victim entities,” the FBI says.

To mitigate risk, the FBI recommends companies review their security posture, maintain offline back-ups of critical data and ensure those back-ups are encrypted.

Amid widespread anxiety about greater cyberattacks, there is concern that businesses will be unable to keep up. Microsoft is clear: the vast majority of successful cyberattacks could be prevented if organisations implement what it refers to as key security practices and ensure that they are kept up to date.

