Boston (AP) —Russia accounts for most of the country-sponsored hacks detected by Microsoft over the past year, with a 58% share, primarily targeting U.S. government agencies and think tanks, Ukraine, United Kingdom, Europe’s NATO member states follow. The company said.
The catastrophic effect of SolarWinds hacking, which has not been detected for a long time (mainly in violation of information technology businesses such as Microsoft), has also shown the success rate of Russian state-sponsored hackers for the past 12 months until June 30. It was pushed up from 21% to 32%.
Meanwhile, China accounted for less than one-tenth of country-backed hacking attempts detected by Microsoft, but had a 44% chance of successfully breaking into a targeted network, Microsoft said in July 2020. Said in the 2nd Annual Digital Defense Report, which covers from to June. 2021.
Russia’s prolific state-sponsored hacks are well known, but Microsoft’s report provides very specific details on how it overlaps with hacks by other US enemies.
The report also cites ransomware attacks as a serious and growing plague, with the United States being by far the most targeted country and more than three times as many attacks as the next most targeted countries. I was hit by. Ransomware attacks are criminal and have financial motivation.
In contrast, state-sponsored hacking is primarily about information gathering, whether in national security, commercial or strategic interests, and is therefore generally tolerated by the government and of the United States. Cyber operators are the most skilled. Microsoft Corp works closely with the Washington State Government. The report does not deal with US government hacking.
The SolarWinds hack was very embarrassing for the US government, but some Washington lawmakers demanded some retaliation. President Joe Biden struggled to draw a red line about what cyber activity is acceptable. He issued a vague warning to President Vladimir Putin to crack down on ransomware criminals, but several senior government officials said no evidence was found this week.
Overall, nation-state hacking success rates range from about 10% to 20%, said Cristin Goodwin, who heads Microsoft’s digital security unit, which focuses on nation-state stakeholders. “It’s really important that we try to stay ahead, and keep reducing that compromised number, because the lower it is, the better we are doing.” Goodwin said.
Goodwin pays particular attention to China’s “geopolitical goals” in recent cyber-spy activities. This includes targeting the Ministry of Foreign Affairs of Latin American countries with Belt and Road-led infrastructure investments and universities in Taiwan and Hong Kong that resist Beijing’s regional ambitions. Is strong. The findings further believe that the traditional knowledge that China’s cyber espionage interests are limited to intellectual property theft is obsolete.
Russia’s hacking attempts increased from 52% in 2019-20 as a share of global cyber intrusion bids detected by the “national notification service” that Microsoft employs to alert customers. In the year ending June 30, North Korea was the second largest country of origin at 23%, up from less than the previous 11%. China fell from 12% to 8%.
However, the amount and effectiveness of trials is another matter. Microsoft has found that North Korea’s spear phishing (usually targeting individuals who use booby trapped emails) has had a 94% failure rate over the past year.
According to the company, which is based in Redmond, Washington, only 4% of all state-sponsored hacks detected by Microsoft, Russian agents are far less interested than cyber agents in China and Iran.
After the discovery of the SolarWinds hack in December, Russians focused primarily on government agencies involved in foreign policy, defense, and national security, then returned to think tanks, then healthcare, with the COVID-19 vaccine. Targeted tissues developing and testing treatments. In the US, Australia, Canada, Israel, India and Japan.
In a report, Microsoft said the recent greater effects of Russian national hackers “could signal more influential infringement over the next year.” More than 92% of the detected Russian activity was the elite hacking team of the Russian SVR Foreign Intelligence Service, best known as Cozy Bear.
The Cozy Bear, which Microsoft calls Nobelium, was behind the SolarWinds hack. The SolarWinds hack was undetected for most of 2020, and its discovery was terribly embarrassing to Washington. Among the heavily compromised US government agencies is the Department of Justice, from which Russian cyber spies stole 80% of the email accounts used by the US Attorney’s Office in New York.
Microsoft’s nation-state notice, which was issued approximately 7,500 worldwide during the period covered by the report, is by no means exhaustive. These reflect only what Microsoft has detected.
Suggest a fix
Source link Microsoft: Russia behind 58% of detected state-sponsored hacks | WGN Radio 720