Microsoft has released its latest Digital Defense Report, revealing that the United States, Ukraine, and Israel continue to be the primary targets of cyberespionage and cybercrime attacks among 120 countries surveyed. These attacks, fueled by nation-state spying and influence operations, increasingly focus on stealing information, covertly monitoring communication, and manipulating content.
Russian spy agencies have intensified their attacks in support of the Ukraine conflict, while Iranian threat actors are amplifying manipulative campaigns. State-sponsored actors from Russia, China, and North Korea are expanding their influence operations, using propaganda to undermine democratic institutions.
The report also highlights the global scope of cyberattacks, particularly in Latin America and sub-Saharan Africa, with an increase in espionage-focused attacks targeting organizations involved in policymaking and execution. Microsoft notes the growing use of AI by threat actors to enhance influence operations and calls for the technology’s use in defense, detection, analysis, response, and prediction.
Human-operated ransomware attacks have surged by 200% since September 2022, with a doubling of data exfiltration incidents since November 2022. Microsoft warns that over 80% of observed compromises originate from unmanaged or bring-your-own devices and highlights increased attacks targeting password-based and multi-factor authentication systems.
In summary, Microsoft’s report underscores the evolving tactics of cyber threat actors, with a shift from headline-grabbing attacks to a focus on information theft and manipulation. It highlights the geopolitical motivations behind cyberattacks and the use of propaganda by state-sponsored actors. Additionally, the report emphasizes the critical role of AI in both cyber defense and threat actor operations, along with the increasing sophistication of ransomware attacks and the vulnerabilities associated with unmanaged devices and authentication systems.
