Cybersecurity: Russia remains the biggest threat to Microsoft

Although Beijing-backed hackers made headlines this year after hacking into Exchange mail servers, Microsoft maintains that Russian hackers are emerging as the most prolific in cyberspace. “Over the past year, 58% of all cyberattacks observed by Microsoft in nation states originated in Russia,” said Tom Burt, Microsoft’s vice president, in a blog post detailing government-sponsored attacks during the last year.

The United States and the United Kingdom have blamed the Russian Foreign Intelligence Service (SVR) for the massive attack on the software supply chain of SolarWinds, the American enterprise software vendor. Approximately 18,000 customers received a malicious update to the vendor’s Orion network management software, which contained the Sunburst backdoor. A small number of customers, around 100 US customers, including leading technology companies and US government agencies, were subsequently the victims of an intrusion.

For Microsoft, the past year had already shown that Kremlin-backed hackers were becoming “increasingly effective,” their attacks were increasingly successful, and they were motivated by spying and intelligence campaigns. Many attacks attributed to Russia targeted companies’ virtual private network (VPN) software.

“Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which have fallen from 3% of their targets a year ago to 53%, mainly agencies involved in intelligence gathering. Foreign policy, national security or defense,” recalls Tom Burt.

Turkey gets noticed

Russia’s hacking is mainly motivated by the country’s politics, with the main targets being the United States, Ukraine and the United Kingdom, the Redmond firm’s management said. But other common suspects also appear in Microsoft’s 2021 digital defense report, including Iran and North Korea. A new entrant is Turkey, which has a great taste for Trojans. Work done by Israeli cyber teams is conspicuously absent from Microsoft’s report. However, it is in Israel that the NSO Group is located, famous for its exploits targeting iPhones.

Russian state hacking was mainly focused on Ukraine. Meanwhile, Israel was increasingly attacked by Iranian hackers. “The Russian-based company NOBELIUM increased the number of affected Ukrainian customers from six in the previous fiscal year to more than 1,200 this year, strongly targeting the interests of the Ukrainian government involved in the demonstration against the surge in Russian troops along the border with Ukraine,” Microsoft says in its report on digital defense.

“This year marked an almost quadrupling in the targeting of Israeli entities, a result solely due to Iranian actors, who focused on Israel as tensions dramatically escalated between adversaries.”

The public sector under a barrage of attacks

The public sector bodies targeted by hackers are primarily “foreign ministries and other global government entities involved in international affairs,” Microsoft explains, while phishing attacks aimed at capturing credentials affect consumer and business accounts.

Russian hackers have mainly developed attacks against industrial supply chains over the last decade. The biggest supply chain attack before SolarWinds was NotPetya in 2017, which was spread through little-known Ukrainian accounting software and cost the industrial giants billions in losses.

Attacks on the software supply chain work because they are carried out through updates from trusted software vendors, including security companies. SolarWinds may not be a household name, but it is important to businesses. Today, nearly every major US cybersecurity firm has joined US President Joe Biden’s cybersecurity executive order in trying to convey the idea that even trusted networks are untrustworthy.

Critical infrastructures at the center of attention

However, the real change in the targets chosen by Russian hackers concerns critical infrastructure. Joe Biden reportedly told Russian President Vladimir Putin that critical infrastructure should be “off limits.” Still, this is a delicate position for the United States, as the world’s most savvy hackers are widely rumored to work at the National Security Agency (NSA), which developed Stuxnet to attack Iran’s uranium enrichment equipment. Senior Microsoft executives have previously criticized the NSA for racking up zero-day exploits.

“From July 2020 to June 2021, critical infrastructure was not in the spotlight, according to NSA information that was tracked. China-based threat actors showed the greatest interest and Russia-based threat actors the least in targeting entities in the critical infrastructure sector,” Microsoft notes in its report.

“Russia’s NOBELIUM cyber operations are an excellent example of Russia’s demonstration of interest in conducting intelligence gathering and access operations rather than targeting critical infrastructure for potential disruption operations.”
