Microsoft unveiled the latest edition of its Digital Defense Report, which shares unique insights on how the digital threat landscape is evolving and the crucial actions that can be taken today to improve the security of the ecosystem. The report covers activities observed between July 2021 and June 2022, highlighting new trends in cybercrime, evolving nation-state threats, cyber influence operations, and more.
According to the Digital Defense Report 2022, attackers are adapting and finding new ways to implement their techniques, thereby increasing the complexity of how and where they host campaign operation infrastructure. To lower their overhead and boost the appearance of legitimacy, attackers are compromising business networks and devices to host phishing campaigns and malware, or even to use their computing power to mine cryptocurrency. From July 2021 to June 2022, Microsoft blocked 34.7 billion identity threats and 37 billion email threats.
Microsoft, independently and through close partnerships with others in private industry, government, and civil society, aims to protect digital systems and promote safe, secure computing environments for every person, wherever they are located. Microsoft synthesizes 43 trillion signals daily, using sophisticated data analytics and AI algorithms to understand and protect against digital threats and criminal cyberactivity. Throughout the report, Microsoft offers relevant data and insights, along with suggested steps individuals, organizations, and enterprises can take to defend against these increasing digital threats.
Key highlights:
Ransomware and Extortion are becoming more prevalent:
* As cyber defenses improve and more organizations are taking a proactive approach to prevention, attackers are adapting their techniques. The threat of ransomware and extortion is becoming more audacious with attacks targeting governments, businesses, and critical infrastructure.
* Human-operated ransomware is most prevalent, as one-third of targets are successfully compromised by criminals using these attacks and 5% of those are ransomed.
* 93% of Microsoft’s ransomware incident response engagements revealed insufficient controls on privileged access and lateral movement. The most effective defense against ransomware includes multifactor authentication, frequent security patches, and Zero Trust principles across network architecture.
Sophistication of nation-state threats:
* Nation-state actors are launching increasingly sophisticated cyberattacks designed to evade detection and further their strategic priorities. Cybercriminals have begun using advancements in automation, cloud infrastructure, and remote access technologies to attack a wider set of targets.
* During the past year, cyberattacks targeting critical infrastructure have jumped significantly. These developments require urgent adoption of a consistent, global framework that prioritizes human rights and protects people from reckless state behavior online.
* To date, Microsoft has removed more than 10,000 domains used by cybercriminals and 600 used by nation-state actors.
Being cyber resilient amid emerging attacks:
* Effective cyber resiliency requires a holistic, adaptive approach to withstand evolving threats to core services and infrastructure. The vast majority of successful cyberattacks could be prevented by using basic security hygiene.
* The volume of password attacks has risen to an estimated 921 attacks every second – a 74% increase in just one year. In the time it takes to read this statement, Microsoft has defended against 4,500 password attacks.
* While password-based attacks remain the main source of identity compromise, other types of attacks are emerging. Modernized systems and architecture are important for managing threats in a hyperconnected world.
Devices being targeted as entry points to critical infrastructure:
* The pandemic, coupled with rapid adoption of internet-facing devices of all kinds as a component of accelerating digital transformation, has greatly increased the attack surface of the digital world. Attacks against remote management devices are on the rise, with more than 100 million attacks observed in May of 2022—a five-fold increase in the past year.
* While the security of IT hardware and software has strengthened in recent years, the security of Internet of Things (IoT) and Operational Technology (OT) devices has not kept pace. Threat actors are exploiting these devices to establish access on networks and enable lateral movement, to establish a foothold in a supply chain, or to disrupt the target organization’s OT operations. The average number of connected devices in an enterprise that are not protected by an endpoint detection and response agent is 3,500.
* The biggest thing people can do is pay attention to the basics – enabling multi-factor authentication, applying security patches, being intentional about who has privileged access to systems, and deploying modern security solutions from any leading provider.
Proliferation of cyber influence operations:
* Foreign actors are using highly effective techniques, often mirroring cyberattacks, to enable propaganda influence that erodes trust, impacts public opinion, and increases polarization, both domestically and internationally.
* Synthetic media is becoming more prevalent due to the proliferation of tools that easily create and disseminate highly realistic artificial images, videos, and audio.
For more information on the cybersecurity threat landscape and its evolution, check out the Microsoft Digital Defense Report microsite and report, as well as the Microsoft Security blog post on the report. To better understand the state of cybercrime and how businesses and individuals can protect themselves, visit the Microsoft Security blog.