According to IT behemoth Microsoft, Russian hackers are responsible for most cyberattacks, with 58% of nation-state hacking attempts originating from the country from July 2020 to June 2021.
While that detail in Microsoft’s 2021 Digital Defense Report isn’t surprising given Russia’s history of using cyber tools to spy on adversaries and the country’s willingness to harbor cybercriminals that attack U.S. agencies and businesses, what is raising eyebrows is the growing success of those efforts.
Now, nearly a third of Russian nation-state hacking attempts are successful, which is up from 21% a year ago.
The company also found that government agencies are the favorite target of Russian hackers, making up 53% of the recipients of these attacks. Last year, that figure was just 3%.
Unsurprisingly, three of Russian’s main geopolitical enemies – the U.S., Ukraine and the UK – make up the top three targets of Russia-based cyberattacks.
While Russia was far and away the most active in conducting nation-state attacks, the report also mentioned North Korea, Iran and China as conducting nation-state attacks. Meanwhile, South Korea, Turkey and Vietnam represent much less volume, according to Microsoft.
The report also found that enterprises make up the majority of nation-state targets, but government, NGOs and think tanks were targeted much more than commercial businesses.
Microsoft’s report mentions ransomware at length. Tom Burt, Microsoft’s corporate vice president for customer security and trust, said in a blog post that ransomware continues to be one of the largest cybercrime threats and is evolving to become even more disruptive.
“Rather than focus on automated attacks that rely on volume and easily paid low demands to generate profit, human-operated ransomware uses intelligence gleaned from online sources, stealing and studying a victim’s financial and insurance documents and investigating compromised networks to select targets and set much higher ransom demands,” Burt said.
Consumer and retail organizations are the most targeted by ransomware (13%), followed by financial services (12%), manufacturing (12%), government (11%) and healthcare (9%), according to Microsoft.
Again unsurprisingly, the U.S. sees the most ransomware attacks out of any country, more than triple the attacks of the next most targeted country.
In the blog, Burt said organizations must begin practicing good cyber hygiene and deploy basic solutions like multi-factor authentication.
“In fact, if organizations just applied MFA, used anti-malware and kept their systems updated, they would be protected from over 99% of the attacks we see today,” Burt wrote.