Microsoft Blames Russia for Most Cyberattacks

In the latest development, Microsoft has stated that most state-sponsored hacking incidents originated from Russia. Hacks of Russian origin accounted for 58% of all hacks of international origin.

Most of the attacks targeted government agencies and think tanks in the U.S.A. and other nations, as well as other entities. The startling observation came hot on the heels of the embarrassing breach Microsoft suffered. The I.T. giant stated that its latest breach bore the hallmarks of a Russian state-sponsored attack.

The report only fortifies the negative image of the Russian state-backed hackers. The state-sponsored attack on the SolarWinds Orion supply chain wreaked havoc, affecting Microsoft to a palpable extent. The attack’s success propelled Russian government-sponsored attacks’ success rate to 32% in the yearly data ending June 30, 2021. In the previous year’s data, the success rate of such attacks was 21%.




These revelations were made public by Microsoft in its latest Digital Defense Report. Terming Russian-based activity groups as “acute threats to the global digital ecosystem”, Microsoft named three groups as primary perpetrators of the hacks.

Strontium (Fancy Bear), Nobelium (Cozy Bear), and Bromine (Energetic Bear) are the groups that targeted government, diplomatic, and defense entities time and again. It was Cozy Bear that initiated the SolarWinds hack.

Microsoft added that the Russian hackers “attempted to access accounts of every organization on almost every continent”. The military alliance NATO was also targeted by Russians. The three countries that bore the brunt of the attacks were the U.S.A., Ukraine, and the United Kingdom.

Microsoft reported that most of these attacks were meant to gather valuable intelligence and not to disrupt activities. The policy plans and decisions of the U.S. administration are valuable information for Russians, as they affect the bilateral ties and business relations of both countries.




Other Attacks


Microsoft didn’t shy away from calling out other countries for perpetrating the attacks. The American company reported that China accounted for fewer than 1 in 10 state-sponsored breaches. However, the China-backed attacks achieved better success than the Russian ones, with a success rate of 44%.

Microsoft also mentioned that ransomware attacks were serious and a growing plague. The U.S.A. was the most targeted country, suffering thrice as many ransomware attacks as the next most targeted nation.

In addition, the company opined that the attacks were financially motivated. It is worth noting that Microsoft, which works closely with the U.S. administration, omitted U.S. government hacking from its report.

The SolarWinds hack was an embarrassment that triggered calls for retaliation from the American Government. The hack was massive enough for U.S. President Biden to issue a warning to Russian President Vladimir Putin, asking him to stop ransomware crimes.




However, the top administration officials stated they saw no evidence indicating the issuance of a warning. Making matters complex is Biden’s difficulty in drawing a line on what cyber activity is permissible.

Cristin Goodwin, Microsoft’s Digital Security Head, stated that state-sponsored hacks have a success rate of 10% to 20%. “It’s something that’s really important for us to try to stay ahead of — and keep driving that compromised number down — because the lower it gets, the better we’re doing,” Goodwin said.

The security head also observed that China’s hacks were fueled by “geopolitical goals” as the foreign ministries of Central and South American countries were targeted. China is aiming to expand its Belt-and-Road-Initiative investments in these regions.

Additionally, universities in Taiwan and Hong Kong have also been targeted, as resistance against China stems from these places. Notably, these findings differ from the conventional notion that Chinese hacking is limited to intellectual pilferage.

Compared to last year’s data, Chinese hacking attempts have dropped to 8% from 12%. Souring this finding was the uptick in North Korean hacking, which increased to 23% from about 11% of the attempts last year. Thankfully, North Korean hacking attempts were rarely successful, as the failure rate was at 94%.




Microsoft said in its report that Russian hacking attempts were far more effective, and that they “could portend more high-impact compromises in the year ahead.” Microsoft observed that 92% of the Russian activity could be attributed to the elite hacking team of the S.V.R. intelligence wing, which is nicknamed Cozy Bear. The I.T. giant also observed that Russians were far less interested in targeting critical infrastructure.

However, this report doesn’t cover all the hacking attempts as Microsoft stuck to the attacks it detected.

