TECH NEWS – In the past year, 120 countries have been hit by cyberattacks, and government-sponsored espionage and influence operations (IO) are gaining ground. Nearly half of these attacks were directed against NATO member states, while 40% were targeted at government or private sector organizations involved in the construction and maintenance of critical infrastructure. While last year’s headline-grabbing incidents were mainly focused on destruction or financial gain with ransomware, this year the main motivation was once again stealing information, secretly monitoring communications, or manipulating people’s news consumption. Among other things, this is revealed in the fourth published From the Microsoft Digital Defense Report, which shows the trends that nation states followed in cybercrime and defense between July 2022 and June 2023 in the field of defense techniques.

While the United States, Ukraine, and Israel continue to be the target of most attacks, the number of incidents worldwide has increased over the past year. This is particularly true in the Global South, Latin America and sub-Saharan Africa, and the Middle East, where Iran has increased its operations. In line with the rise of espionage, the primary targets are organizations involved in political decision-making and implementation.

In the last 1 year:

• more than 200% increase in targeted ransomware attacks that were performed by humans, i.e. not automated
• Criminals are also evolving their attacks to minimize their footprint, with 60% using remote encryption, thereby rendering process-based countermeasures ineffective.
• Since November 2022, the number of potential data breaches has doubled after threat actors compromised an environment. But not all data theft is related to ransomware; there may also be activities aimed at collecting credentials or nation-state espionage.
• According to a Microsoft report, 70% of organizations that suffered a human-directed ransomware attack had fewer than 500 employees.
• Between April and June 2023, Microsoft warned users about about 10,000 password entries per month on fake websites.

Cyber attacks against states

• Russian intelligence agencies have focused their cyber attacks on espionage activities supporting the war against Ukraine and continue their destructive actions.
• Iranian efforts previously focused on dismantling the networks of targets, but today they also tend to amplify manipulative messages for geopolitical purposes or intercept data flowing through secret networks;
• China has expanded its espionage activities to obtain intelligence to promote the One Belt, One Road initiative and to support its regional policy. The US is also a target for espionage, including key US military installations and access to the networks of critical infrastructure units;
• North Korean actors secretly tried to steal secrets; they targeted a submarine technology company while stealing hundreds of millions of cryptocurrencies through multiple cyberattacks.

Source: Press release