Microsoft Security has published its 2022 Microsoft Digital Defense Report and the message is clear: State-sponsored cyber-attacks are on the rise and are more brazen as authoritarian regimes become bolder.
In the Microsoft Digital Defense Report, the company says 2022 saw a new age of hybrid warfare. This new area of cybersecurity has been perpetuated by Russia's unlawful invasion of Ukraine. Microsoft points out attacks are becoming more aggressive and open as authoritarian leaders are less concerned about the consequences.
The company says in 2022 there have been increasing attacks against critical infrastructure. In fact, Microsoft points out that these attacks increased from 20% to 40% of all nation-state-backed attacks.
Russia-backed attacks on Ukraine were the big reason for the attacks increase as hackers engaged in cyber espionage to undermine infrastructure in the country. Russia has also more brazenly targeted private companies to interrupt intelligence gathering.
Microsoft says 90% of Russia's attacks in the last year were against NATO member nations. Of those, 48% were against IT firms.
Russia's exploits have emboldened other authoritarian countries to be more brazen in their attacks:
- “Iranian actors escalated bold attacks following a transition of presidential power. They launched destructive attacks targeting Israel, and ransomware and hack-and-leak operations beyond regional adversaries to U.S. and EU victims, including U.S. critical infrastructure targets like port authorities. In at least one case, Microsoft detected an attack disguised as a ransomware attack that was intended to erase Israeli data. In another, an Iranian actor executed an attack that set off emergency rocket sirens in Israel.
- As North Korea embarked on its most aggressive period of missile testing in the first half of 2022, one of its actors launched a series of attacks to steal technology from aerospace companies and researchers around the world. Another North Korean actor worked to gain access to global news organizations that report on the country, and to Christian groups. And yet a third actor continued attempts, often without success, to break into cryptocurrency firms to steal funds in support of the country's struggling economy.
- China increased its espionage and information stealing cyberattacks as it attempted to exert more regional influence in Southeast Asia and counter growing interest from the U.S. In February and March, one Chinese actor targeted 100 accounts affiliated with a prominent intergovernmental organization in Southeast Asia just as the organization announced a meeting between the U.S. government and regional leaders. Just after China and the Solomon Islands signed a military agreement, Microsoft detected malware from a Chinese actor on the systems of the Solomon Islands government. China also used its cyber capabilities in campaigns targeting nations across the global south, including Namibia, Mauritius, and Trinidad and Tobago, among others.”
Tip of the day: After years of hefting a laptop around, you inevitably build up a menagerie of Wi-Fi networks. For the most part, they'll sit on your PC, hardly used, but at times a change in configuration can make it difficult to connect to a network your computer already remembers. At this point, it can be beneficial to make Windows forget a Wi-Fi network and delete its network profile.