This blog is based on the annual Microsoft Digital Defense Report, which covers the months of July 2020 to June 2021.
Recently Microsoft published their Digital Defense report exposing nations where cyberattacks mostly origin from. According to this report, large scale cyber attackers are countries such as North Korea, Iran and China. However, last year’s winner is Russia. Over the past year, Russia has been accounted for the majority of state-sponsored hackings according to the Digital Defense report published by Microsoft. With a 58% share, the winner primarily targets US government agencies. An example of one of Russia’s hacks is SolarWinds, which was discovered in 2020. The SolarWinds software has contributed to an increase in Russian succession of state-backed hackers by 11%. The success rate went up from 21% to 32%, which proves that the succession of the Russian attacks has increased drastically.
The Russian hacking group who was behind SolarWinds is called ‘Cozy Bear’. These not so snuggly bears are being accounted for more than 92% of Russian hacking activities. The group has largely humiliated the US government, and US senators still hold a grudge for this action. The group extracted 80% of all email accounts in the US Department of Justice.
As the US found the Cozy Bears not so cozy, they refer now to them as Nobelium. After the group of Cozy Bears was discovered, Russia started focusing on other areas such as organizations developing COVID-19 related operations, security and geopolitics again.
Russia can still learn a lot from its neighbor China regarding effectivity, as China has a cyberattack success rate of 44%. However, China was was only accounted for “less than one out of every ten state-sponsored hacking attempts”, which is only 8%, while Russia was responsible for 58% as aforementioned.
However, China and Russia are both very successful compared to the overall success rate of country hackers, as the average success rate is around 10 – 20%.
Facts regarding state-sponsored cyberattacks:
• Cyberattacks are mostly targeted at consumer retail (13%), financial services (12%), manufacturing (12%), government (11%) and health care (9%). The victim of these attacks are often the United States.
• Most often used, and fastest growing attack strategy are ransomware assaults. In this kind of digital assault, the hackers attempts to get money from its victims.
• State-sponsored cyberattacks are mainly aiming on gaining knowledge regarding geopolitics and security.