In the evolving landscape of cybercrime, staying protected means uniting across borders for holistic and collective defense.

In its latest annual edition of the Digital Defense Report, Microsoft provided a comprehensive cyberthreat intelligence overview spanning July 2022 to June 2023.

This report delves into critical trends encompassing nation-state activities, cybercrime, and defence strategies.

A key focus of this edition is the surge in espionage efforts propelling global cyberattacks.

Over the past year, cyber onslaughts have left an indelible mark on 120 countries, driven by government-sponsored spying and a simultaneous rise in influence operations.

Disturbingly, nearly half of these attacks were directed at NATO member states, with over 40% targeting government and private sector entities crucial to the development and maintenance of critical infrastructure.

In the Asia Pacific region, nations such as Korea (17%), Taiwan (15%), India (13%), and Malaysia (6%) were the most targeted.

Adding a layer of complexity, cyber attackers are harnessing the power of AI to refine phishing tactics and enhance influence operations using synthetic imagery.

The report also encompasses:

    • The state of cybercrime, which analyses the trends and impacts of ransomware, phishing, business email compromise, identity attacks, and distributed denial of service attacks.
    • Nation-state threats, which tracks the activities and motivations of more than 300 threat actors, including 160 nation-state actors and 50 ransomware groups.
    • Critical cybersecurity challenges, which examine the security issues and solutions for IoT and OT devices, critical infrastructure, and supply chains.
    • Innovating for security and resilience, which explores how AI technologies can be used for both cyber defence and offense, and how to shape responsible AI principles and practices.
    • Collective defense, which highlights the importance of public-private collaboration and partnership to combat cyber threats and build cyber resilience.

Rise in cybercrime-as-a-service: Scale and sophistication reach new heights

The report notes that the cybercrime landscape is witnessing a surge as cybercriminals tap into the cybercrime-as-a-service ecosystem to execute large-scale phishing, identity theft, and distributed denial of service (DDoS) attacks. In a worrisome trend, these adversaries are adept at bypassing multifactor authentication and other security measures, highlighting an escalating ability to carry out targeted attacks with increasing sophistication.

Image Source: The State of Cybercrime in the Microsoft Digital Defense Report 2023

Nation-state cyber actors focus on cyber espionage

The reports notes that in a notable departure from the previous year’s surge in high-profile cyberattacks, nation-state cyber actors have shifted their strategy. This year, they moved away from high-volume destructive attacks, redirecting most of their efforts towards cyber espionage.

Nation State Threats in the Microsoft Digital Defense Report 2023

According to the report, the landscape of cyber operations is undergoing global expansion, marked by a surge in activities across Latin America, sub-Saharan Africa, and the Middle East. This upswing is attributed to heightened Iranian involvement, indicating a broader and more geographically dispersed impact of cyber operations on a global scale.

Escalating threats at the IT-OT intersection underscore the need for holistic defense

The report underlines that attacks on the critical juncture between information technology and operational technology (IT-OT) continue to rise, and there is a heightened emphasis on the necessity for a comprehensive defence strategy. Microsoft recommends that such a strategy should extend across the entire business ecosystem to effectively safeguard against evolving threats. The report captures a snapshot of the critical cybersecurity challenges in the image below:

Image Source: Critical Cybersecurity Challenges in the Microsoft Digital Defense Report 2023

AI to play a critical role in the new era of cyber defence

As the cyber landscape becomes increasingly sophisticated, the role of AI in defence will be crucial. The report states that AI is poised to play a pivotal role in automating and augmenting various aspects of cybersecurity, including threat detection, response, analysis, and prediction. Large language models (LLMs) powered by AI can generate natural language insights and recommendations from complex data, empowering analysts to be more effective and responsive.

Microsoft states that from next year it will focus even more on the use of AI in combating threats while embracing the three SDL principles of Secure by Design, Secure by Default and Secure in Deployment (SD3).

“Artificial Intelligence will be a critical part of a successful defence. In the coming years, innovation in AI-powered cyber defence will help reverse the current rising tide of cyberattacks.”, Tom Burt (Corporate Vice President, Customer Security and Trust, Microsoft) stated.

Uniting against cybercrime across borders

Microsoft in its report stresses the importance of public-private collaboration and partnership to combat cyber threats and build cyber resilience. The report highlights various initiatives and projects that Microsoft participates in or supports to advance collective defence, such as the Cybercrime Atlas, the CyberPeace Institute, the Cyber Development Goals, the Cybersecurity Tech Accord, and others.

The report also stresses the need for more and deeper alliances in the private sector and stronger partnerships between the private and public sectors. The report unequivocally believes in the power of partnerships in building cyber resilience.

Image Source: Collective Defense in the Microsoft Digital Defense Report 2023

The secret to thwart a vast majority of cyberattacks is actually simple

The report concludes with the fact that defending against 99% of attacks doesn’t require complex strategies; rather, it hinges on adhering to basic security hygiene. Multifactor authentication (MFA) appears as a powerful deterrent against cyberattacks, significantly reducing the risk of compromise. A recent study, drawing insights from real-world attack data sourced from Microsoft Entra (Cloud-based identity and access management solution), reveals that the implementation of MFA results in an impressive 99.2% reduction in the likelihood of a security breach. This underscores the effectiveness of MFA as a robust security measure in the ever-evolving landscape of cyber threats. Besides MFA, the report recommends other basic security measures such as:

    • Apply Zero Trust principles
    • Use extended detection and response (XDR) and antimalware
    • Keep systems and applications up to date
    • Protect data
Image Source: Microsoft Digital Defense Report 2023