Yesterday, Microsoft published its annual Digital Defense Report analyzing trends among its customers from June 2022 to July 2023 with the company noting a 275% year-over-year rise in human-operated ransomware-linked encounters.
On a positive note, over the past two years, the number of ransomware attacks that reached the encryption stage fell by 300%, primarily due to advancements in automatic attack disruption technologies.
In over 90% of cases where attacks advanced to the ransom stage, the attackers exploited unmanaged devices within the network, either to gain initial access or to remotely encrypt assets during the impact phase.
The most common initial access techniques continue to be social engineering, identity compromise and exploiting vulnerabilities in publicly facing applications or unpatched operating systems.
According to Tom Burt, Microsoft’s corporate vice president of customer security and trust, the ransomware issue underscores the connection between nation-state activities and financially motivated cybercrime. This problem is exacerbated by countries leveraging these operations for profit, as well as those that take little to no action against cybercrime occurring within their borders.
Expert Evan Dornbush, former NSA cybersecurity expert, offers perspectives on the matter:
“This report signals one trend currently getting little attention and likely to define the future of cyber: the amount of money criminals can earn.
“Per the Microsoft report, government, as a sector, only makes up 12% of the aggressors’ targeting sets. The vast majority of victims are in the private sector.
“Tom writes “improved defense will not be enough”. Until the economic model is fundamentally altered, making it cheaper to defend or more expensive to attack, the advantage will increasingly drift towards the criminal.”
The Microsoft Digital Defense Report is required reading as it provides facts on how dangerous and complex the threat is. And by understanding that, it will allow organizations to better prepare for the attacks that are headed their way.
Like this:
Like Loading...
Related
This entry was posted on October 17, 2024 at 8:42 am and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
275% Rise In Ransomware-Related Attacks: Microsoft
Yesterday, Microsoft published its annual Digital Defense Report analyzing trends among its customers from June 2022 to July 2023 with the company noting a 275% year-over-year rise in human-operated ransomware-linked encounters.
On a positive note, over the past two years, the number of ransomware attacks that reached the encryption stage fell by 300%, primarily due to advancements in automatic attack disruption technologies.
In over 90% of cases where attacks advanced to the ransom stage, the attackers exploited unmanaged devices within the network, either to gain initial access or to remotely encrypt assets during the impact phase.
The most common initial access techniques continue to be social engineering, identity compromise and exploiting vulnerabilities in publicly facing applications or unpatched operating systems.
According to Tom Burt, Microsoft’s corporate vice president of customer security and trust, the ransomware issue underscores the connection between nation-state activities and financially motivated cybercrime. This problem is exacerbated by countries leveraging these operations for profit, as well as those that take little to no action against cybercrime occurring within their borders.
Expert Evan Dornbush, former NSA cybersecurity expert, offers perspectives on the matter:
“This report signals one trend currently getting little attention and likely to define the future of cyber: the amount of money criminals can earn.
“Per the Microsoft report, government, as a sector, only makes up 12% of the aggressors’ targeting sets. The vast majority of victims are in the private sector.
“Tom writes “improved defense will not be enough”. Until the economic model is fundamentally altered, making it cheaper to defend or more expensive to attack, the advantage will increasingly drift towards the criminal.”
The Microsoft Digital Defense Report is required reading as it provides facts on how dangerous and complex the threat is. And by understanding that, it will allow organizations to better prepare for the attacks that are headed their way.
Share this:
Like this:
Related
This entry was posted on October 17, 2024 at 8:42 am and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.