'58% of cyber attacks came from Russia,' Microsoft announced, with the rise of China prominent



On October 7, 2021, Microsoft released the Digital Defense Report, an annual report that summarizes the records of cyber attacks. In it, Microsoft reported that 58% of the cyberattacks it found to be state-sponsored were from Russia.

FY21 Microsoft Digital Defense Report
(PDF file)

https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWMFIi

Russian cyberattacks pose greater risk to governments and other insights from our annual report --Microsoft On the Issues
https://blogs.microsoft.com/on-the-issues/2021/10/07/digital-defense-report-2021/

Microsoft: Russia behind 58% of detected state-backed hacks
https://apnews.com/article/technology-business-china-europe-united-states-e13548edf082992a735a0af1da39b6c8

Among the cyber attacks observed by Microsoft, the breakdown of the attacks whose source was identified during the period from July 2020 to June 2021 is as follows. Russia had the highest share at 58%, followed by North Korea at 23%, Iran at 11%, China at 8%, and South Korea, Vietnam and Turkey at less than 1%.



The largest target of these cyber attacks was the United States, which accounted for 46% of the damage.

In addition, Ukraine, which has been in conflict with Russia due to the invasion of Crimea in 2014, was second with 19%, and the United Kingdom, a NATO member country, was third with 9%. We also know that 3% of the attacks were targeted at Japan.



The largest cyberattack from Russia to the United States was the attack on SolarWinds, known as 'one of the most serious cyberattacks in the last decade,' which resulted in 'hacking from Russia.' The success rate of 'Success rate' jumped from 21% to 32% in one year. You can understand what kind of attack it was by reading the following article.

What is the attack on SolarWinds' Orion Platform, which Microsoft president says is 'one of the most serious cyberattacks in the last decade?' --GIGAZINE



Attacks by Russia are characterized by an increasing tendency to target government agencies, for example, attacks targeting the government by one of Russia's most active hacker groups, NOBELIUM (UNC2452). Has jumped from 3% in the previous report to 53%.



Microsoft also mentions the rise of China. In China, the number of attacks is not high at 8% of the total, but the success rate of intrusion into the targeted network was high at 44%. The average success rate of national cyber attacks is about 10 to 20%. The main targets of cyber attacks were Latin American countries where China is actively investing, and Taiwan and Hong Kong, which are strongly resistant to control by the Chinese government. It has been pointed out that this is the result of a survey that overturns the conventional wisdom that 'the purpose of China's cyber attacks is to steal intellectual property.'

Regarding these cyber attacks by China, Microsoft said, ' Based on the change in power balance due to China's' Belt and Road 'initiative, Chinese cyber criminal organizations are strengthening information gathering to determine the influence of their own investment and diplomacy. I think. ' In addition, 'China's cyberattacks are also characterized by being extremely persistent, and it turns out that in the 2020 presidential election, they continued to act even after the collection of personal information was revealed, and were active even on the day of the election.' It also states.

Looking at the types of cyberattacks, one of the most serious is ransomware. Ransomware tends to target private companies that are directly connected to people's lives, and the attack on Colonial Pipeline, which operates the largest oil pipeline in the United States, was caused by the suspension of operations of the company's facilities in the eastern United States. It has developed into a situation where a serious fuel shortage is in jeopardy.

The breakdown of the targets of the ransomware attack is as follows. A wide range of industries are targeted, with 13% of the affected industries being retail, 12% being insurance and finance, and 12% being manufacturing and agriculture.



Microsoft said, 'States are using cyber attacks more and more frequently, such as espionage and sabotage, and these attacks will become more and more bold and persistent. It is expected that various efforts are being made to counter this, but for the time being, countermeasures against cyber attacks must be positioned as a priority issue in domestic and international discussions. '

in Security, Posted by log1l_ks