Cyber Security News

Microsoft Customers Facing 600 Million Cyber Attack Launched Every Day

Microsoft’s customers are under constant cyber assault, facing millions of attacks daily from various threat actors as nation-states and cybercrime gangs are increasingly collaborating, escalating the severity and frequency of attacks. 

They had observed a concerning trend of state-affiliated actors outsourcing cyber operations to criminal groups, which is evident in various activities, such as financial gain, intelligence gathering, and data theft. 

For instance, Russian threat actors have enlisted cybercriminals to target Ukrainian military devices using commodity malware, while Iranian nation-state actors leveraged ransomware to extort individuals on a dating website.

How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)

North Korea has developed its own ransomware, FakePenny, to target aerospace and defense organizations, indicating a dual motivation of intelligence gathering and financial gain, which highlights the increasing collaboration between state actors and cybercriminals, posing significant threats to cybersecurity.

Example of Iran’s targeting shift following the start of the Israel-Hamas conflict.

Cyber threat activity, primarily by Russia, Iran, and China, is concentrated around regions of geopolitical tension, such as Ukraine, Taiwan, and the Middle East, which utilize cyberattacks to collect intelligence, spread propaganda, and influence public opinion. 

Russia’s targeting of Ukraine and NATO members is aimed at understanding Western policies on the war, while Iran’s focus on Israel and Gulf countries reflects its opposition to their normalization of ties with Israel. 

China’s targeting remains consistent, focusing on Taiwan and Southeast Asia as foreign powers like Russia, Iran, and China are exploiting sensitive domestic issues in the U.S. to influence public opinion and undermine democratic institutions. 

These countries are spreading misinformation and disinformation online through various tactics, including homoglyph domains, which are spoofed links used for phishing and malware attacks.

Microsoft is closely monitoring these malicious activities to protect its infrastructure and inform users about potential threats.

Nation-state adversarial use of AI in influence operations.

A significant increase in financially motivated cyberattacks is reported in the past year, where ransomware attacks saw a 2.75x surge, though fewer reached the encryption stage, while social engineering, identity compromise, and exploiting vulnerabilities remained the primary initial access methods. 

Tech scams also skyrocketed, with daily traffic increasing from 7,000 to 100,000 in just a year.

The short lifespan of malicious infrastructure, often less than two hours, highlights the need for agile cybersecurity measures.

Threat actors, including cybercriminals and nation-states, are experimenting with AI to enhance their attack capabilities.

While AI has shown promise in helping cybersecurity professionals respond to threats more efficiently, it also poses risks as threat actors learn to exploit its efficiencies for malicious purposes. 

For instance, China-affiliated actors favor AI-generated imagery for influence operations, while Russia-affiliated actors use audio-focused AI across mediums.

Although these AI-driven tactics have not yet proven effective in swaying audiences, their potential for future impact remains a concern.

Microsoft is advocating for a two-pronged approach to cybersecurity: denial of intrusions and imposition of consequences.

While they’ve taken steps to protect their users, they believe government action is necessary to deter malicious actors, especially nation-states. 

International norms of conduct in cyberspace lack effective consequences, encouraging aggressive attacks.

To address this, both the public and private sectors need to work together to create a more secure online environment.

Strategies to Protect Websites & APIs from Malware Attack => Free Webinar

Aman Mishra

Recent Posts

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…

1 day ago

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by Egypt-based…

2 days ago

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in Central…

2 days ago

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India,…

2 days ago

Raspberry Robin Employs TOR Network For C2 Servers Communication

Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade detection…

2 days ago

145,000 ICS Systems, Thousands of HMIs Exposed to Cyber Attacks

Critical infrastructure, the lifeblood of modern society, is under increasing threat as a new report…

2 days ago