Microsoft: 58% of Cyberattacks in Past Year Came from Russia

cyber threats

More than half of all cyberattacks observed by Microsoft over the past year originated in Russia, the U.S.-based multinational tech corporation said on Thursday in its latest Digital Defense Report.

According to the annual study, which covered July 2020 to June 2021, “58 percent of all cyberattacks observed by Microsoft from nation-states have come from Russia.”

“[A]ttacks from Russian nation-state actors are increasingly effective, jumping from a 21 percent successful compromise rate last year to a 32 percent rate this year,” the report states.

Microsoft said, “Russian nation-state actors are increasingly targeting government agencies for intelligence gathering,” noting this type of targeting by Russia spiked from three percent during the previous year to 53 percent over the latest time period tracked by the company.

Most of the government agencies allegedly targeted by Russia over the past year are “involved in foreign policy, national security or defense. The top three countries targeted by Russian nation-state actors were the United States, Ukraine and the UK,” according to Microsoft.

Microsoft CEO Satya Nadella. ( Stephen Brashear/Getty Images)

The Digital Defense Report cited both ransomware attacks and state-backed hacking as growing threats to internet security worldwide.

“Ransomware attacks are criminal and financially motivated,” the Associated Press noted on Thursday. “By contrast, state-backed hacking is chiefly about intelligence gathering — whether for national security or commercial or strategic advantage — and thus generally tolerated by governments.”

“Russia is not the only nation-state actor evolving its approaches, and espionage is not the only purpose for nation-state attacks this year,” Microsoft acknowledged in its study.

“After Russia, the largest volume of attacks we observed came from North Korea, Iran and China; South Korea, Turkey (a new entrant to our reporting) and Vietnam were also active but represent much less volume,” the report states.

“While espionage is the most common goal for nation-state attacks, some attacker activities reveal other goals,” Microsoft observed. The tech giant cited Tehran and Pyongyang as two major examples of this.

“Iran … quadrupled its targeting of Israel in the past year and launched destructive attacks among heightened tensions between the two countries,” the study revealed.

“North Korea … targeted cryptocurrency companies for profit as its economy was decimated by sanctions and Covid-19 [Chinese coronavirus],” according to Microsoft.

The company said of the cyberattacks it observed over the past year, 21 percent targeted consumers and 79 percent targeted enterprises. The most targeted sectors were: government (48 percent); N.G.O.s and think tanks (31 percent); education (three percent); intergovernmental organizations (three percent); I.T. (two percent); energy (one percent); and media (one percent).

Microsoft Corp. works closely with U.S. federal government agencies and receives hundreds of millions of dollars from Washington in return for cybersecurity. News that the U.S. federal government planned to pay Microsoft $150 million in coronavirus relief funds in March upset some observers and U.S. legislators.

Servicemen of the Russian National Guard patrol along the Red Square in Moscow, on December 30, 2019, as the Kremlin's Spasskaya Tower is seen in the background. - A suspect detained for planning an attack in Saint Petersburg during New Year's festivities had pledged allegiance to the Islamic State group, Russia's FSB security service said on December 30. The Russian president on December 29 thanked US President Donald Trump for intelligence that helped foil the attack. (Photo by Dimitar DILKOFF / AFP) (Photo by DIMITAR DILKOFF/AFP via Getty Images)

Servicemen of the Russian National Guard patrol along the Red Square in Moscow, on December 30, 2019, as the Kremlin’s Spasskaya Tower is seen in the background. (Photo by DIMITAR DILKOFF/AFP via Getty Images)

“Congress allocated the funds at issue in the COVID [coronavirus] relief bill signed on Thursday after two enormous cyberattacks leveraged weaknesses in Microsoft products to reach into computer networks at federal and local agencies and tens of thousands of companies,” Reuters reported on March 15.

“One breach attributed to Russia in December grabbed emails from the Justice Department, Commerce Department, and Treasury Department,” the news agency recalled.

“The hacks pose a significant national security threat, frustrating lawmakers who say Microsoft’s faulty software is making it more profitable,” Reuters noted at the time.

“If the only solution to a major breach in which hackers exploited a design flaw long ignored by Microsoft is to give Microsoft more money, the government needs to reevaluate its dependence on Microsoft,” Sen. Ron Wyden (D-OR) said of the planned disbursement.

“The government should not be rewarding a company that sold it insecure software with even bigger government contracts,” he added.


Please let us know if you're having issues with commenting.