Demystifying the global threat landscape and empowering cyber defense

• Microsoft Digital Defense Report 2022 reveals insights into how the digital threat landscape is evolving
• Microsoft removed over 10,000 malicious domains, including 600 utilized by state actors.

Cybercriminals continue to operate as sophisticated profit businesses. Attackers are evolving and coming up with new ways to use their strategies, complicating the location and method of hosting campaign infrastructure. Attackers breach business networks and devices to host phishing campaigns, malware, or even exploit their computing power to mine cryptocurrencies and weaken cyber defense in order to reduce their overhead and increase the appearance of legitimacy.

Microsoft has released its Microsoft Digital Defense Report 2022, which offers its distinctive viewpoints on the way the digital threat landscape is changing and the critical steps that can be taken right away to enhance ecosystem security. The report is divided into five chapters, each focusing on a different aspect of cybercrime, national-state threats, hardware and infrastructure, and cyber resilience.

The survey also showed that there have been an estimated 921 password attacks every second, a 74% increase in only one year. Microsoft has also deleted more than 10,000 domains used by cybercriminals and 600 by nation-state actors to date.

“The trillions of signals we analyze from our worldwide ecosystem of products and services reveal the ferocity, scope, and scale of digital threats across the globe,” said Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft.

According to Burt, the company also employs legal and technical strategies to seize and shut down nation-state actors’ and cybercriminals’ infrastructure and alert customers when such actors are threatened or targeted. Microsoft strives to create increasingly effective features and services that employ AI/ML technology to recognize and stop cyber threats and help security professionals defend against and identify cyber intrusions more quickly and efficiently.

The state of cybercrime

Cybercriminals continue to operate as highly developed for-profit businesses. The intricacy of where and how attackers host campaign operation infrastructure is growing as they adapt and discover new ways to use their techniques. Meanwhile, cybercriminals are growing more thrifty. Attackers are breaking into business networks and devices to host malware, phishing campaigns, and even cryptocurrency mining operations to reduce costs and increase the image of legitimacy.

The report found that:

• Ransom payments are being induced by attackers’ growing threats to reveal sensitive information.
• Attacks on critical infrastructure, corporations, and governments have raised the audacity of the ransomware and extortion menace.
• Human-operated ransomware is the most common type of attack; employing these methods, hackers are able to successfully compromise one-third of targets, and of those, 5% are ransomed.
• Large-scale attacks on IoT and OT exposed in infrastructure, utilities, and corporate networks are now being conducted via malware as a service.
• At least 10 known critical vulnerabilities were present in 32% of the firmware images examined.

In addition to ransomware being a threat, the cybersecurity industry has entered a new era known as the hybrid war, which includes nation-state actors.

Nation-state actors are undertaking more complex cyberattacks to avoid detection and advance their strategic goals. A new era of warfare has begun with the introduction of cyberweapon deployment in the hybrid war in Ukraine.

To influence public opinion in Russia, Ukraine, and worldwide, Russia has also used media operations to support its military campaign. Nation-state actors are becoming more active outside of Ukraine and are starting to use developments in automation, cloud infrastructure, and remote access technologies to attack a larger range of targets.

Also, China is increasing its global targeting, focusing particularly on smaller states in Southeast Asia in order to obtain a competitive edge and intelligence.

Resiliency to strengthen cyber defense

Technology success is significantly facilitated by security. Innovation and increased productivity will be achievable by implementing security measures that make businesses as resilient as feasible against contemporary threats. The pandemic has forced Microsoft to rethink its security procedures and tools to safeguard all of our workers’ places of employment.

The epidemic and the transition to a hybrid workplace exposed vulnerabilities that threat actors have been exploiting over the past year. Since then, managing the presence, complexity, and rising nation-state activity of multiple attack tactics has been their main issue.

“Perhaps most importantly, throughout the MDDR, we offer our best advice on the steps individuals, organizations, and enterprises can take to defend against these increasing digital threats. Adopting good cyber hygiene practices is the best defense and can significantly reduce the risk of cyberattacks,” said Burt.

---

---

---

---