Russia Dominates State-Sponsored Attacks, says Microsoft
According to Microsoft data, Russia accounted for the majority of state-sponsored attacks over the past year, with the SolarWinds attackers dominating threat activity. The Digital Defense Report 2021 is the first of its kind released by Microsoft and covers a year-long period between June 2020 and June 2021. The report details state and cybercrime activity, highlighting that Kremlin-backed raids accounted for 58% of all nation-state attacks during the period. Nobelium, also known as Cozy Bear or APT29, generated the vast majority of attack notifications reported to Microsoft.
Nobelium was responsible for the highly sophisticated and well-known SolarWinds campaign, which compromised at least nine US government departments. Microsoft also noted that Russian state-back attacks are becoming increasingly successful after identifying a 10% increase in success rate year on year. The attacks focus primarily on the US, UK, and Ukraine. The second state responsible for the most cyberattacks was North Korea at 23%, then Iran at 11%, and China at 8%. Microsoft stated that not all of these attacks are cyber espionage-focused as Iran has increased destructive attacks against Israel and North Korea attempts to target cryptocurrency companies.