An annual report from Microsoft has found that Russia accounted for 58 percent of all cyberattacks the company observed in the past year from nation states and that the percentage of agencies involved in defense, national security or foreign policy that are being targeted by Russian threat actors to gather intelligence rose from 3 percent to 53 percent in 2021.
The company observed threat activity between July 2020 and June 2021 for the Microsoft Digital Defense Report and found that the U.S., Ukraine and the U.K. were the top three most targeted countries by Russian hackers, Tom Burt, corporate vice president for customer security and trust at Microsoft, wrote in a blog posted Thursday.
The study showed that North Korea, Iran and China represented the largest volume of cyberattacks and that nearly 80 percent of breaches across nation-state actors targeted enterprises.
The government was the most targeted sector during the period at 48 percent, followed by nongovernment organizations and think tanks at 31 percent.
According to the report, ransomware continues to be one of the major cybercrime threats and that the U.S. is the most targeted country when it comes to ransomware attacks. Consumer retail, manufacturing, financial services, government and health care were the top five most targeted sectors based on the company’s ransomware engagement data.
Microsoft also observed a 220 percent rise in the use of strong authentication in the last 18 months as companies initiate efforts to improve their security posture as they shift to remote work.
Burt said there are three trends that reflect efforts to address cyber concerns and those are the new cybersecurity executive order, passage of new laws that require mandatory reporting of cyberattacks and increased transparency among governments and companies when it comes to breaches.
The 2021 Microsoft Digital Defense Report also includes observations and trends in the areas of supply chain security, disinformation and hybrid work.
ExecutiveBiz, sister site of GovCon Wire and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.