58% of all nation-state attacks in the last year were launched by Russian nation-state actors

58% of all nation-state attacks in the last year were launched by Russian nation-state actors

Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies.

Microsoft revealed that most of the cyber attacks on US government agencies are orchestrated by Russia-linked cyberespionage groups. According to the IT giant, approximately 58% of all nation-state attacks between July 2020 and June 2021 were launched by Russian nation-state actors. According to Microsoft, Russian nation-state actors mainly targeted entities in the United States, Ukraine and the UK.  

“During the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia. And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year.” reads the post published by Micros  “Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense.”

Russia-linked nation-state actor

According to the report published by Microsoft, the Russia-linked NOBELIUM APT is responsible for 92% of the notifications to customers about Russia-based threat activity.

Other nation-state groups that were very active between July 2020 and June 2021 are THALLIUM and PHOSPHORUS
APT groups.

Russia-linked nation-state actor 2

The analysis of attacks by countries of origin revealed that North Korea accounted for 20% of the attacks, followed by Iran (23%) and China (22%).

Microsoft pointed out that cyberespionage is not the only motivation behind the attack, Iranian APT groups, for example, were responsible of destructive attacks on Israel. North Korea-linked threat actors also targeted financial institutions and cryptocurrency companies for profit. 

“21% of attacks we observed across nation-state actors targeted consumers and 79% targeted enterprises with the most targeted sectors being government (48%), NGOs and think tanks (31%), education (3%), intergovernmental organizations (3%), IT (2%), energy (1%) and media (1%).” continues the report.

Microsoft revealed that to have sent a total of 20,500 notifications of hacking attempts by all nation-state actors to its customers in the past three years. 

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, nation-state attacks)




Leave a Reply

Your email address will not be published. Required fields are marked *