Microsoft reveals 600M daily cyberattacks in alarming report

In its annual Digital Defense Report, Microsoft has sounded the alarm on the escalating number of cyberattacks amid geopolitical tensions.

The report highlights that Microsoft’s customers have faced a staggering 600 million attacks daily from cybercriminals and nation-states. The report, covering trends from July 2023 to June 2024, highlights the persistent role of cyber operations in broader geopolitical conflicts.

Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity, commented: “It is no secret that we have been navigating a volatile global cybersecurity landscape for some time and recent macroeconomic factors such as geopolitical tensions, struggling economies, and the rise in sophistication of cyber crimes by cyber-criminals and nation-state actors have further exacerbated this.”

Microsoft’s latest report into cyberattacks paints a grim picture of the current security environment. The company has observed an alarming trend of collusion between cybercrime gangs and nation-state groups, with the latter increasingly enlisting criminals to gather intelligence and utilising their tools and techniques.

“OpenText Cybersecurity’s recent 2024 Threat Hunter Perspective also revealed that the collaboration and coordination taking place between nation-states and cybercrime rings to target global supply chains and further geopolitical motives has become a signature trend in the threat landscape,” Aldridge added.

Russian threat actors have been particularly active in outsourcing cyberespionage operations, especially those targeting Ukraine. In a notable incident in June 2024, a suspected cybercrime group compromised at least 50 Ukrainian military devices using commodity malware.

Iran has not been idle either, employing ransomware in cyber-enabled influence operations. In one instance, Iranian actors marketed stolen data from an Israeli dating website, offering to remove specific profiles for a fee.

Perhaps most concerning is North Korea’s foray into the ransomware arena. A newly-identified North Korean actor developed a custom ransomware variant called FakePenny, which it deployed against aerospace and defence organisations after exfiltrating data from their networks.

As the US election approaches, Microsoft has observed increased activity from Russia, Iran, and China. These nations are exploiting ongoing geopolitical issues to sow discord on sensitive domestic matters, aiming to influence US voters or undermine confidence in the democratic process.

“As notable events like the US presidential election get closer, every organisation in the global supply chain needs to be on high alert for advanced and multiple cyberattacks,” Aldridge warned.

On the cybercrime front, the situation remains dire. Microsoft reported a 2.75-fold increase in ransomware attacks year-on-year, although there was a threefold decrease in attacks reaching the encryption stage. Tech scams have seen a dramatic 400% rise since 2022, with daily occurrences jumping from 7,000 in 2023 to 100,000 in 2024.

“To overcome these challenges, businesses should prioritise improving their cybersecurity infrastructure with advanced threat detection mechanisms,” advised Aldridge. “They should securely back up their data, so systems can be quickly restored, but they must ensure the backups are protected with encryption to prevent data loss through this mechanism.

“Other best practices include implementing cybersecurity technology such as email filtering with on-click URL scanning, anti-virus protection with real-time anti-phishing capabilities, strong password policies, and multi-factor authentication. Also, security awareness training should be implemented for staff from day one, ensuring they are vigilant in scrutinising the types of emails, messages, and phone calls they receive.”

The cyberattacks report also touches on the emerging role of artificial intelligence in cyber threats. Both cybercriminals and nation-states are experimenting with AI, with China-affiliated actors favouring AI-generated imagery and Russia-affiliated actors focusing on audio-based AI across various mediums.

Microsoft emphasises the critical need for collaboration between the public and private sectors to combat these escalating threats. Aldridge echoed this sentiment, stating, “It is incredibly important to adopt a multi-layered approach when it comes to a cyber defence strategy.

“Ultimately, the greater the diversity of processes, tools, and technologies an organisation has in place to protect and recover data plus detect and respond to breaches, the less likely an attack will succeed, and therefore disruption can be avoided.”

As cyber attacks continue to rise in volume and aggression, both Microsoft and industry experts stress that success can only be achieved by combining robust defence with effective deterrence.

“This is definitely a wake-up call for the entire world to get their cybersecurity in order before it’s too late. The nation-state attackers are not slowing down,” Aldridge concludes.

See also: Volt Typhoon: Beijing calls US and Microsoft’s claims a ‘political farce’

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including BlockX, Digital Transformation Week, IoT Tech Expo, and AI & Big Data Expo.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: cyber security, cybersecurity, digital defense, hacking, infosec, microsoft, opentext, report, research, Security, study