Record cyberattacks on states, businesses and people

Microsoft has released its annual Digital Defence Report with the latest insights on how the threat landscape has evolved but also the mechanisms developed to deal with geopolitical cyberattacks and cybercrime. According to the report last year saw massive cyberattacks launched by governments in more than 120 countries. During the same period, Microsoft thwarted 237 billion password theft attempts, protecting millions of users around the world from the threat of cybercrime.

Cybersecurity is a defining challenge of our time. Organizations of every size across every industry around the globe feel the urgency and pressure of protecting and defending against increasingly sophisticated attacks.

“We believe every individual and company around the world should be empowered to meet its security needs. Achieving this will require a collective global effort as we harness the power of partnership to strengthen our defences together,” says Tom Burt, Corporate Vice President, of Customer Security & Trust at Microsoft.

“Close collaboration between the public and private sectors to formulate, enforce, and harmonize these requirements is therefore crucial to improve global cybersecurity and foster innovation. In fact, while cybercriminals have remained hard at work, we are seeing public and private sectors come together to disrupt the technologies criminals use, hold them to account, and support the victims of cybercrime,” he added.

While AI is transforming cybersecurity, using it to stay ahead of threats requires massive amounts of diverse data. Here at Microsoft, our more than 10,000 security experts analyse over 65 trillion signals each day with the help of AI, and Microsoft Threat Intelligence teams track hundreds of threat actor groups worldwide.

Microsoft’s security ecosystem includes more than 15,000 security partners with specialized solutions, while the global open community of security researchers and testers contribute to bug bounties and security challenges. This broad, deep, and diverse security ecosystem is driving some of the most influential insights in cybersecurity.

“Societies worldwide acknowledge the importance of collective action, especially in cybersecurity, as we strive for a safer world. While individual organizations focus on safeguarding their interests, collaboration is a powerful force multiplier. Partnerships involving government agencies, businesses, academia, non-profits, and others are essential for robust cyber defences,” added Tom Burt.

Microsoft’s report explained how to understand the need for collaboration, one must consider the concept of a "cyber poverty line" which defines the minimum resources needed for adequate cyber protection.

“Defining and addressing this line requires cooperation among stakeholders because no single tech company can solve all cybersecurity challenges. This necessitates partnerships that span public and private sectors, policy groups, and standards bodies and involve building safer technology, sharing threat intelligence, setting common standards, and countering cybercriminal tools.”

“Basically, there needs to be a collaboration to push innovation boundaries and integrate security products for end-to-end protection.”

The study pointed out how stakeholders must recognize their shared responsibility and actively engage in partnerships to enhance cybersecurity.

“History shows that working together can create a safer digital future. Non-profits, academia, and research institutions are vital in advancing cybersecurity as they bridge theory and practical application, contribute to research, innovate, and educate future professionals. Collaborative projects between academia, non-profits, and industry promote innovation and address emerging threats.”

Microsoft’s report also shared insights on newly observed ransomware and extortion tactics and trends and how the number of human-operated ransomware attacks were up by more than 200% since September 2022.

“The good news is, for organizations with a strong security posture, the likelihood of an attack succeeding is very low. Typically, an attack is stopped in the pre-ransom phase, with on average 2% of attacks progressing to a successful ransomware deployment.”

“Approximately 40% of the ransomware encounters we detected in June were human-driven. Most of these attacks can be attributed to 123 tracked ransomware-as-a-service affiliates. The number of affiliates grew by 12% in the last year, setting up conditions for human-operated ransomware attacks to continue to grow in 2024,” said the report.