The constant barrage of ransomware attacks and notable IT supply chain compromises are largely attributed to Russia-based threat actors, and Microsoft’s 2021 Digital Defense Report confirms that the vast majority of cyberattacks are coming from Russia.
Specifically, 58% of cyberattacks observed by Microsoft from nation-states have come from Russia from July 2020 to June 2021. However, it’s not just the fact that one country harboring cybercriminals that is increasing concerns among the cybersecurity community – Russian nation-state actors are getting better.
According to the report, the success rate of Russian nation-state actors jumped from 21% last year to 32% this year, meaning nearly one third of hacking attempts are succeeding in some capacity.
Microsoft also found that government agencies are being increasingly targeted, as 53% of Russian nation-state targets this year were government, up from just 3% last year.
It’s no surprise that The U.S., Ukraine and the UK – Russian’s main geopolitical enemies – are the top three countries targeted by Russian hackers.
Other notable countries dabbling in cybercrime, according to the report, are North Korea, Iran and China, while South Korea, Turkey and Vietnam represent much less volume, according to Microsoft.
Enterprises made up the vast majority of nation-state targets, with government, NGOs and think tanks making up the bulk (79%) of the targeted organizations. However, education, intergovernmental organizations, IT companies, energy and media make up 10% of such attacks.
Meanwhile, consumers make up 21% of nation-state targets, the repot found.
The report also touches on ransomware, which has garnered headlines in recent months due to several large-scale ransomware attacks, including the ones on Colonial Pipeline, JBS and Kaseya’s network of managed service providers and their customers.
According to Microsoft, consumer and retail organizations are the most targeted by ransomware (13%), followed by financial services (12%), manufacturing (12%) government (11%) and healthcare (9%).
The report found that the U.S. is by far the most targeted country when it comes to ransomware, receiving more than triple the attacks of the next most targeted country. China, Japan, Germany and the United Arab Emirates round out the top five.
In a blog accompanying the report, Tom Burt, Microsoft’s corporate vice president for customer security and trust, said what most IT and cybersecurity professionals already know: basic cybersecurity best practices and good cyber hygiene can help thwart a lot of these attacks.
However, most of Microsoft’s customers aren’t deploying basic tools like multifactor authentication. In fact, fewer than 20% of the company’s customers are using strong authentication features like MFA.
“In fact, if organizations just applied MFA, used anti-malware and kept their systems updated, they would be protected from over 99% of the attacks we see today,