Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies.
Microsoft revealed that most of the cyber attacks on US government agencies are orchestrated by Russia-linked cyberespionage groups. According to the IT giant, approximately 58% of all nation-state attacks between July 2020 and June 2021 were launched by Russian nation-state actors. According to Microsoft, Russian nation-state actors mainly targeted entities in the United States, Ukraine and the UK.
“During the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia. And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year.” reads the post published by Micros “Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense.”
The analysis of attacks by countries of origin revealed that North Korea accounted for 20% of the attacks, followed by Iran (23%) and China (22%).
Microsoft pointed out that cyberespionage is not the only motivation behind the attack, Iranian APT groups, for example, were responsible of destructive attacks on Israel. North Korea-linked threat actors also targeted financial institutions and cryptocurrency companies for profit.
“21% of attacks we observed across nation-state actors targeted consumers and 79% targeted enterprises with the most targeted sectors being government (48%), NGOs and think tanks (31%), education (3%), intergovernmental organizations (3%), IT (2%), energy (1%) and media (1%).” continues the report.
Microsoft revealed that to have sent a total of 20,500 notifications of hacking attempts by all nation-state actors to its customers in the past three years.
(SecurityAffairs – hacking, nation-state attacks)