Accessibility links

Breaking News

Microsoft: Russia Cyberattacks Targeting More Governments, Agencies

FILE - A computer screen displays cyber code in this picture illustration taken October 4, 2018.
FILE - A computer screen displays cyber code in this picture illustration taken October 4, 2018.

Russia appears to be getting more aggressive and more successful as the nation's hackers launch a growing number of cyberattacks against the United States and other nations, according to a new report by Microsoft.

Microsoft's 2021 Digital Defense Report warns that what it labels as "Russian nation-state actors" are responsible for 58% of all nation-state cyberattacks, and that they are now successful almost one out of every three times.

"Russia-based activity groups have solidified their position as acute threats to the global digital ecosystem," the report said, cautioning that Russian cyber actors have been adaptable, getting better at using open-source tools "that make them increasingly difficult to detect."

Microsoft also said Russia's most frequent target was the United States, followed by Ukraine and Britain, and that the focus seems to be shifting toward intelligence gathering, with more than half of Russian attacks now targeting agencies involved with foreign policy, national security or defense, up from just 3% a year earlier.

According to Microsoft, after Russia, the greatest number of cyberattacks came from North Korea, Iran and China.

North Korea's top target was cryptocurrency companies, while Iran quadrupled its attacks on Israel as tensions between the two countries grew steadily.

China also was active, focusing much of its cyber efforts on intelligence gathering.

Microsoft said a large part of Beijing's efforts, through a threat actor called Chromium, focused on gathering social, economic and political intelligence from India, Malaysia, Mongolia, Pakistan and Thailand.

Another prominent Chinese threat actor, known as Nickel, focused its efforts on foreign ministries in Central and South America.

The report also said that South Korea, Turkey and Vietnam were increasingly active in cyberspace, though the volume of attacks carried out from those countries paled in comparison with Russia, North Korea, Iran and China.

Top U.S. officials have shared their concerns about the growing danger from cyberattacks, especially from nation-state adversaries, in recent weeks. And many have voiced support for legislation that would require private companies to notify the U.S. government if their systems were breached.

"I think we're at a point, seeing the arc of cybercrimes and the cyberthreats, that really there's an urgency to it," U.S. Homeland Security Secretary Alejandro Mayorkas told a virtual cybersecurity conference earlier this week. "We're optimistic the legislation will pass."

Speaking at the same summit Thursday, U.S. Cybersecurity and Infrastructure Security Agency Director Jen Easterly said that while many of the threats are not new, they remain worrisome, given "how vulnerable some of our critical infrastructure sectors are."