The attacks mostly targeted government agencies and think tanks in the United States, Ukraine and U.K.
Russia was behind 58 percent of all state-backed cyber attacks carried out over the past year on Western targets, according to new research conducted by Microsoft. The report also found that China was responsible for less than 10 percent.
The devastating effects of the long-undetected SolarWinds hack also boosted Russian state-backed hackers’ success rate. It jumped to 32 percent in the year ending June 30, compared with 21 percent in the preceding 12 months. It should be noted that the SolarWinds hackers mainly breached information technology businesses including Microsoft.
China, meanwhile, accounted for fewer than 1 in 10 of the state-backed hacking attempts Microsoft detected but was successful 44 percent of the time in breaking into targeted networks, Microsoft said in its second annual Digital Defense Report, which covers July 2020 through June 2021.
Tom Burt, Microsoft’s Corporate Vice President, Customer Security & Trust, detailed the report in a blog post. “Russian nation-state actors are increasingly targeting government agencies for intelligence gathering,” he writes. He adds that the attacks mostly targeted “agencies involved in foreign policy, national security or defense,” he adds.
“The top three countries targeted by Russian nation-state actors were the United States, Ukraine and the UK.”
The report by Microsoft, which works closely with Washington government agencies, does not address US government hacking.
Ransomware has grown into a thriving business model
The report also cited ransomware attacks as a serious and growing plague. The U.S. is by far the most targeted country. Indeed, they received more than triple the attacks of the next most targeted nation.
“In the past year, the cybercrime-as-a-service economy transitioned from a nascent but rapidly growing industry to a mature criminal enterprise,” Burt says. “Today, anyone, regardless of technical knowledge, can access a robust online marketplace to purchase the range of services needed to execute attacks for any purpose.” “We’ve seen kits that sell for as little as $66,” Burt explains.
The Microsoft Digital Defense Report covers the period from July 2020 to June 2021. Its findings cover trends across nation-state activity, cybercrime, supply chain security, hybrid work and disinformation.