Cybersecurity

Microsoft report finds Russia dominant force behind cyberattacks in past year

Cyberattacks originating in Russia accounted for more than half of intrusions tracked by Microsoft since mid-2020, the company said in a report released Thursday.

The findings were detailed in Microsoft’s annual Digital Defense Report. The company said it tracked threat activity from a number of countries, but found that 58 percent of attacks reported by customers originated in Russia, followed by North Korea at 23 percent. 

“Over the past year, Russia-based activity groups have solidified their position as acute threats to the global digital ecosystem,” the report states. “They have also shown a high tolerance for collateral damage, which leaves anyone with connections to targets of interest vulnerable to opportunistic targeting.”

The report went on to say that more than 90 percent of the Russian-linked threat activity was carried out by a threat group Microsoft named “Nobelium,” which the company blamed in May for using a U.S. Agency for International Development email marketing account to target hundreds of organizations in two dozen countries, including government agencies.

Microsoft found that the U.S. was the most targeted nation by far, accounting for almost half of attacks between July 2020 and June 2021. By contrast, Ukraine was the second most targeted country, with 19 percent of threat activity aimed within its borders.

While Russia was prolific in the hacking space, according to Microsoft’s data, it mainly avoided targeting critical infrastructure groups, with only 2 percent of Russia’s attacks aimed at those key entities. By contrast, 13 percent of Chinese-linked threat activity was aimed at critical infrastructure, as was 9 percent of such activity linked to Iran. 

Government entities were seen as the main target for cyberattacks, with government being the most targeted sector, followed by nongovernmental organizations and think tanks. Microsoft found that 53 percent of Nobelium’s efforts were aimed at government entities.

“Over the past year, Russia-based groups have improved their rates of successful compromise and increasingly set their sights on government targets, a confluence of trends that could portend more high impact compromises in the year ahead,” the report warned.

The report comes after a 12-month period that saw multiple high-profile and damaging cyber incidents linked back to Russia.

These included the SolarWinds hack, first discovered in December, which allowed Russian government-linked hackers to infiltrate numerous federal agencies and around 100 private sector groups for much of 2020. President Biden levied sanctions against Russia in retaliation for the attack earlier this year.

Criminal groups based in Russia were also linked to the ransomware attacks in May on Colonial Pipeline, which provides around 45 percent of the East Coast’s fuel, and on meat producer JBSA USA. Both attacks temporarily crippled supply chains. 

Biden urged Russian President Vladimir Putin to crack down on these hacking groups during their in-person summit in Geneva earlier this year, but top U.S. officials have said there has been little evidence that Russia has taken action in the months since.

Updated at 1:16 p.m.

Tags China cyberattacks Joe Biden Microsoft Russia Vladimir Putin

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts

People – Image widget – Person – Main Area Top

File - A Chevrolet Bolt is displayed at the Philadelphia Auto Show, Jan. 27, 2023, in Philadelphia. Electric vehicles are far less reliable than gasoline-powered cars, trucks and SUVs, mainly because most automakers are still learning how to build a completely new power system, according to this year's auto reliability survey by Consumer Reports.(AP Photo/Matt Rourke, File)
File - A Chevrolet Bolt is displayed at the Philadelphia Auto Show, Jan. 27, 2023, in Philadelphia. Electric vehicles are far less reliable than gasoline-powered cars, trucks and SUVs, mainly because most automakers are still learning how to build a completely new power system, according to this year's auto reliability survey by Consumer Reports.(AP Photo/Matt Rourke, File)

QAT WC-2613

People – Image – Person

In this photo released by the Governor of Sevastopol, Mikhail Razvozhayev telegram channel, a rescuer gestures as he helps people during an evacuation after storm and flooding in Sevastopol, Crimea, Monday, Nov. 27, 2023. A storm in the Black Sea took down power grids and left almost half a million people without power after it flooded roads, ripped up trees and damaged buildings in Crimea, Russian state news agency Tass said. (Governor of Sevastopol Mikhail Razvozhayev's telegram channel via AP)
In this photo released by the Governor of Sevastopol, Mikhail Razvozhayev telegram channel, a rescuer gestures as he helps people during an evacuation after storm and flooding in Sevastopol, Crimea, Monday, Nov. 27, 2023. A storm in the Black Sea took down power grids and left almost half a million people without power after it flooded roads, ripped up trees and damaged buildings in Crimea, Russian state news agency Tass said. (Governor of Sevastopol Mikhail Razvozhayev's telegram channel via AP)

People - Video Bin - Person

The White House is pushing 'Bidenomics,' but what does it mean?

The White House is pushing 'Bidenomics,' but what ...
DC Bureau: AI Legal Immunity (raquel)
KXAN: special session
DC Bureau: Biden economic display (basil)
KTXL: ca budget folo
WHTM: good gov bills
More Videos

Main area middle

See all Hill.TV See all Video

main area bottom custom html

MAIN Area bottom

People – Custom HTML – Person

MAIN AREA BOTTOM

People - Article Bin - 7 Headline List with Featured Image - Person

Main area bottom

Top Stories

See All