Cybersecurity is one of the defining challenges of our time. Threats are reducing trust in technology and highlighting the urgent need for improved cyber defences at all levels. Organisations of every size, across every industry around the globe, feel the urgency and pressure of protecting and defending against increasingly sophisticated attacks.
Microsoft’s 2023 Digital Defence Report [MDDR] concentrates on the following sections:
- State of cyber crime
- Nation State Threats
- Critical cyber security challenges
- Innovation
- Collective defense
Microsoft has a unique vantage point from which to share wider insights on how the threat landscape has evolved, and to discuss the shared opportunities and challenges we all face in securing a resilient online ecosystem which the world can depend on.
Threat Actors Activities
Cybercriminals are improving their ability to impersonate or compromise legitimate third parties, making it even harder for users to identify fraud until it’s too late. Microsoft reported that 80-90% of all successful ransomware compromises originate through unmanaged devices, which underlines the importance of bringing all company devices under a managed security service so that no gaps are left for threat actors to exploit.
No organisation is exempt from an attack: 70% of organisations encountering human-operated ransomware have fewer than 500 employees. Threat actors will target any organisation, as all businesses have something that they would be prepared to pay a ransom for.
Phishing is still prevalent. Over the past six months, Microsoft found that users reported phishing attempts only 11.3% of the time. While taking no action is better than clicking, reporting phishing attempts is the best response, as it helps internal security teams identify incoming threats.
Nation State Threats
“As the threat landscape evolves, we are seeing a blurring of lines between cyber operations, espionage, influence campaigns, and destructive attacks.”
John Lambert, Corporate Vice President, Distinguished Engineer, Microsoft Security Research
Nation-state and state-affiliated threat actor activities in the past year have moved away from high-volume destructive attacks in favour of espionage campaigns. Although the impact of destructive attacks is felt more immediately, persistent and stealthy espionage operations pose a long-term threat to the integrity of government, private industry, and critical sector networks.
41% of the threat notifications Microsoft sent to online services customers between July 2022 and June 2023 went to critical infrastructure organisations.
Most Targeted Sectors Globally:
- 16% Education
- 12% Government
- 11% Think tanks & NGOs
- 11% IT
- 6% Communications
- 5% Finance
- 5% Transportation
- 4% Defense Industry
- 3% Energy
- 2% Manufacturing
- 5% Critical Infrastructure
- 20% Other
Source: Microsoft Threat Intelligence NSN data.
Cyber Security Challenges
Patching OT and industrial control system devices can be a challenge, as updates are often postponed to avoid disrupting operations. However, it is vital to update OT devices to prevent attackers from exploiting these vulnerabilities. 25% of OT devices on customer networks use unsupported operating systems, making them more susceptible to cyberattacks due to a lack of essential updates and protection against evolving threats.
Supply chain security attacks such as SolarWinds, Log4j, Codecov and Kaseya have affected over 490 million known customers and exposed over 1,000,000 malicious open-source packages. Since 2019 the average yearly increase was 742%, and this number will only rise. Microsoft promotes the Software Bill of Materials (SBOM), which provides software transparency to customers. An SBOM enables organisations to manage their supply chain risk for the software deployed across their enterprise.
Innovating for Security and Resilience
The cost of cybercrime is projected to hit an annual $10.5 trillion by 2025. Large Language Models (LLMs) have the potential to help threat intelligence and analysis by gathering and analysing data to identify patterns and trends. They can also perform technical tasks like reverse engineering, create summaries of security incidents, and help us learn from past events to improve prevention and mitigation of cyber-attacks.
In conclusion, as technology continues to advance so do the tactics employed by attackers. It is more crucial than ever to have the right technology and processes in place to fortify your defences against emerging cyber threats.
Discover key stats from this year’s Digital Defense Report:
- 65 trillion signals synthesized daily
- 4,000 identity attacks blocked by Microsoft per second
- 300+ threat actors tracked
- 100,000+ malicious domains removed
- 80-90% of all successful ransomware compromises originate through unmanaged devices
- Human-operated ransomware attacks are up more than 200%
- 70% of organisations encountering human-operated ransomware had fewer than 500 employees
Content originated from the Microsoft Digital Defense Report.