lswcap
On October 7, 2021, Microsoft released the Digital Defense Report, an annual report that compiled the history of cyberattacks. Among them, Microsoft reported that 58% of cyberattacks that it claimed were state-backed were by Russia.
In the cyberattacks observed by Microsoft, from July 2020 to June 2021, the largest number of attacks with confirmed sources is Russia (58%), followed by North Korea (23%), Iran (11%), China (8%), and Vietnam and Vietnam. Turkey and other countries account for less than 1%.
The largest target of these cyber attacks was the United States, accounting for 46% of the total damage. In addition, Ukraine, which was in conflict with Russia in the 2014 invasion of Crimea, came in second with 19%, and NATO member Britain ranked third with 9%.
The largest cyberattack against the United States in Russia is the attack on SolarWinds, which is one of the most serious cyberattacks in the past decade. Russian attacks are characterized by a strong tendency to target government agencies. For example, attacks on governments carried out by NOBELIUM (UNC2452), one of the most active hacker groups in Russia, surged from 3% in the last report to 53%.
Microsoft is also talking about the rise of China. Although China does not have a large number of attacks, the success rate of targeted network penetration is high at 44%. For reference, the average success rate of cyber attacks by country is about 10-20%. The main targets of cyber attacks were Latin American countries, in which China is actively investing, and Taiwan and Hong Kong, which have strong resistance to the domination of the Chinese government. This is pointed out as a study result that overturns the conventional wisdom that the purpose of a Chinese cyber attack is to steal intellectual property.
In response to these Chinese cyber attacks, Microsoft analyzed that according to the change in the balance of power under China’s Belt and Road Initiative, Chinese cybercriminal organizations are thought to intensify intelligence gathering to understand their investment and diplomatic influence. In addition, China’s cyberattacks are characterized by persistence, and in the 2020 presidential election, it was found that they continued to act even after the collection of personal information was revealed and were active even on Election Day.
If you pay attention to the types of cyber attacks, one of the most serious is ransomware. Ransomware tends to target private companies directly connected to people’s lives, and attacks on the Colonial Pipeline, which operates the largest oil pipeline in the United States, temporarily suspend operations of the company’s facilities, suggesting a serious fuel shortage in the eastern region. It also developed into a situation.
When looking at the target of ransomware attacks by industry, 13% are retail, 12% are insurance and finance, and 12% are manufacturing and agriculture.
Microsoft said that if national cyber attacks such as espionage and sabotage are used more and more frequently, these attacks are expected to inflict more intense and lasting damage in the future. He pointed out that it should be made a priority in domestic and international discussions. Related information can be found here.
Add comment