Image courtesy; The Verge
Microsoft in its digital defense report of 2021 suggests that Russia has been leading in state sponsored cyber espionage attacks that is dominated by SolarWinds.
There are groups like Cozy Bear also known as ATP 29( Nobelium) and Kremlin that accounts for almost 59% of the total state cyber attacks, these attacks made upto 92% of the alerts sent out by Microsoft to their customers.
The group is also associated with SolarWinds campaigns in doing malicious activities and attacking almost 9 government administrations. Their main targets are officials from the UK, US and Ukraine.
China is also on the list but uses some traditional methods for carrying out attacks. They exploit government entities with a range of vulnerabilities to accomplish their task, for example attacks on exchange servers by Hafnium.
Microsoft has done a great job in creating awareness among their users as it claims that they have sent out approximately 21,000 alerts in the past 3 years to their customers informing about the attacks.
Microsoft has specified that they don’t report for cyber attacks occurring globally but sticks to attacks that affect their customer base and other tech service providers.