Last week, Microsoft released its annual Digital Defense Report, which includes aggregated security data from across the systems and networks Microsoft monitors to understand the scope and scale of cyber threats around the world. Most notably, the report found that cyber attacks targeting critical infrastructure have grown significantly.
According to the report, during the past year, cyber threats against critical infrastructure rose sharply primarily from nation-state threat actors. Specifically, cyberattacks targeting critical infrastructure jumped from comprising 20 percent of all nation-state attacks Microsoft detected to 40 percent. Microsoft states this jump was mostly due to Russia’s invasion of Ukraine and their goal of damaging Ukrainian infrastructure, as well as persistent espionage targeting of Ukraine’s allies, including America. Iranian threat actors, moreover, also targeted U.S. and allied critical infrastructure. In at least one case, Microsoft detected an attack disguised as a ransomware attack that was intended to erase Israeli data. Additionally, the report generally highlights that the number of estimated password attacks per second increased by 74 percent over the previous year and that credential phishing attacks are also increasing. Access the full report at Microsoft.