Microsoft reported that at least 58% of nation-state cyberattacks have emerged from Russia. Followed by this is North Korea with 23%, Iran with 11%, and China with 8%. Other data reveals that the rest of the countries such as Vietnam, Turkey, and South Korea have under 1% representation only.
Microsoft Digital Defense Report has published a data overview to emphasize nation-state cyberattack trends, hybrid workforce security, cybercriminal activity, operational technology (OT), Internet of Things (IoT), and supply chain security.
According to Microsoft’s data, nation-state cyberattacks from Russia are “increasingly effective” as they ascended from 21% to 32% of the success rate for 2021. The nation-state cyberattacks also targeted other government agencies for acquiring intelligence. In addition to Microsoft’s data, the main targets of these nation-state cyberattacks range from the US, the UK, and Ukraine.
The rise of the efficacy of state-nation cyberattacks from Russia could signify a higher impact compromises in the future.
Russia is not the only nation-state cyberattack actor to be modifying its approaches, as stated in the data.
Espionage being the most known goal of nation-state groups, data reveals that other countries also revealed different motivations in cyberattacks aside from Russia. Iran has an upsurge of cyberattack rate against Israel through destructive attacks, followed by North Korea, which targets cryptocurrency firms for financial gains.
Microsoft stated in their report that nation-state cyberattacks used tools that are often similar to other attackers to breach their target victims. These nation-state actors may execute modified malware or craft unique phishing scams.
The data also highlighted the cybercriminal front, stating that the upsurge in criminal activities is primarily driven by a supply chain that makes the work easy for the attackers.
Stolen username and password pairs usually cost $0.97 per 1,000 or $150 for 400 million. In comparison, spear-phishing-for-hire runs for $100 to $1,000 per account takeover success. DDoS attacks can be a cheaper option for unprotected sites with about $300 per month. Ransomware kits cost $66.
Due to these data, Microsoft has emphasized that organizations and government institutions have become more attentive to every outcome of attacks. And since this issue about cyber threats is brought to attention, actions to combat it have become a priority.
