Microsoft says more than half of state-backed cyberattacks come from Russia

Russia accounted for more than half of all cyberattacks observed by Microsoft over the past year, the company has said.

The software giant released its annual Digital Defence Report on Thursday, which covers the period between July 2020 to June 2021.

The main highlight of the study is that attacks from Russian state actors account for 58 per cent of all cyber intrusions. One of the landmark cyberattacks was on US’s biggest gasoline pipeline which Russia has denied role.

The success rate of hackers in the country saw a rise from 21 per cent last year to 32 per cent in 2021.

The top three countries targeted by these attacks were the United States, Ukraine and the United Kingdom.

Their main targets were government agencies for intelligence gathering, the study shows, jumping from 3 per cent of attacks in 2020 to 53 per cent in 2021.

Hackers are mainly focusing on agencies involved in foreign policy, national security or defence, such as US-based network-monitoring software company Solar Winds.

A 134 pages-long compilation of data and insights collected and observed by Microsoft is a report targetted at helping businesses, organisations and governments around the globe better understand the cyberworld and protect themselves in the wide cybersecurity landscape.

During the pandemic, Microsoft noticed a surge in cyberattacks and explains it as an increased reliance on telecommunications, giving “malicious actors new vectors to gain access to targeted private networks that were scrambling to support new ways of doing business”.

When a customer, being an organisation or an individual account holder, is targeted by state-sanctioned activities that Microsoft tracks, it delivers a nation-state notification (NSN).

Over the past three years, it has delivered over 20,5000 NSNs.

These cyberattacks were made by state actors who work for a government to disrupt or compromise targets and breach their security to access valuable data. In other words, they have a ‘license to hack’.

“The victims of attacks often have information relevant to an adversary government’s intelligence needs, which is why so many government agencies and think tanks are attacked,” the report highlighted.

“However, private industry’s role in supporting remote workers, increased healthcare services, COVID-19 vaccine research, and COVID-19 vaccine distribution have also made them more common targets for these sophisticated actors seeking information for their government’s national security or intelligence purposes”.

Russia is not the only country on Microsoft’s radar, according to the report. The highest volume of attacks recorded originated from North Korea, Iran and China.

For the first time, South Korea and Turkey made an entry in Microsoft’s annual report.

Most sectors attacked showed that nearly 80 per cent of those targeted were either in government, NGOs or think tanks.

Leave a Reply

%d bloggers like this: