Microsoft released its second annual Digital Defense Report today, covering July 2020 to June 2021. The report is a compilation of integrated data and actionable insights from across Microsoft that can be used to help enterprises, organizations, and governments worldwide better understand and protect themselves in the broader cybersecurity landscape. Its findings go over trends across nation-state activity, cybercrime, supply chain security, hybrid work, and disinformation.
Cybercrime, especially ransomware, remains a severe and growing plague,as evidenced in this year’s report but while nation-state actors primarily target victims with helpful information, cybercriminals target victims with money. As a result, the targets often have a different profile.
Cybercrime attacks on critical infrastructures – such as the ransomware attack on Colonial Pipeline – often steal the headlines. However, the top five industries targeted in the past year based on ransomware engagements by our Detection and Rapid Response Team (DART) are consumer retail (13%), financial services (12%), manufacturing (12%), government (11%), and healthcare (9%).
Ransomware continues to be one of the most significant cybercrime threats, and in the past year, it has continued to evolve to become more disruptive.
Rather than focus on automated attacks that rely on volume and easily-paid low demands to generate profit, human-operated ransomware uses intelligence gathered from online sources to prevent users from accessing their system or files and demands a ransom payment to regain access.
Locally the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) has recently observed a significant increase in ransomware attacks targeting local organizations.
Fighting back in a hybrid work environment
As online threats increase in volume, sophistication, and impact, we must all take steps to strengthen the first line of defense. One of those steps is using robust authentication features like multi-factor authentication or MFA. If organizations just applied MFA, used anti-malware, and kept their systems updated, they would be protected from over 99% of the attacks we see today.
Organizations taking basic steps to protect themselves will go further than the most sophisticated steps tech companies and governments might take to protect them. The good news is that in the past 18 months, we’ve seen a 220% increase in solid authentication usage but still have a long way to go. Part of the solution needs to be skilling up more cybersecurity professionals who can help organizations of all kinds stay secure, and we’ll have more to share on our work in this area in the coming weeks.
The trends show nation-states are increasingly using and will continue to use cyberattacks for whatever their political objectives are, whether espionage, disruption, or destruction. We anticipate more countries will join the list of those engaging in offensive cyber operations.
Those operations will become more brazen, persistent, and damaging unless there are more severe consequences. And the cybercrime market will continue to become more sophisticated and more specialized unless we all evolve our work to stop them. More work than ever is underway to counteract these concerns, but we will need to ensure they remain on the top of national and international agendas in the coming years.
For more information, the second annual Microsoft Digital Defense Report can be viewed for free here.