- Microsoft’s Digital Defense Report reveals that latest cybersecurity trends
- Hackers and defenders are turning to AI to boost productivity
- Nation-state hackers are launching even more attacks
With great power comes great responsibility, but in the case of artificial intelligence Uncle Ben’s words aren’t hitting home.
Hackers are increasingly integrating AI into their attack patterns, using it to craft convincing phishing emails to steal login credentials.
After all, why battle with cyber defenses that an organization has spent tens of thousands of dollars on when you can simply steal the keys and walk through the door. But there is hope…
Panning for digital gold
Microsoft’s sixth Digital Defense Report (DDR), released today, has found that over 80% of the attacks investigated by Microsoft’s security teams were in pursuit of data. Hackers are earning big bucks by accessing systems, stealing and then encrypting or deleting data, and then ransoming the data back to the victim.
While the hackers may be financially motivated, the attacks have real world consequences. Recent trends have shown that attackers are turning towards critical health services and government systems, particularly those that rely on outdated hardware or without the funds to mount a proper defense.
After being hit by ransomware, hospitals and care facilities are more inclined to pay to restore access to systems, or otherwise face operation delays and even patient deaths. Humans remain the weakest link in cybersecurity, with credentials being stolen to bypass security systems and access the heart of organizations.
Luckily, there is a simple tool that can defend against 99% of identity-based attacks. Multi-factor authentication prevents attackers from logging into accounts even if they have the correct credentials by requiring verification that the login attempt is coming from the legitimate account owner.
Authentication apps are especially effective against infostealing malware. Even if it is successfully deployed within an organization and harvesting credentials, the data it gathers is effectively useless if the attackers cannot also authenticate themselves.
AI on the rise
Attackers and defenders are increasingly turning to AI to crack and patch up cyber defenses. Rather than sending emails manually, attackers are using AI to craft convincing copy in multiple languages and then sending it out en masse.
AI is also enabling hackers to build malware that can mutate, giving it an effective camouflage against security software. In fact, AI’s usage within the cyber world has risen almost in sequence with the release of powerful new models.
Defenders are also taking advantage of AI tools to spot phishing attacks, new malware, training, and potential threats – so there is a balance.
Hackers aren’t all just regular Joes taking a bet on ransoming data for a quick pay day – sophisticated nation-state actors are launching more campaigns for intelligence gathering, disruption, and financial gain.
For example, China has launched numerous high-profile campaigns over the past year, with the most prolific attack being against major US telecommunications providers. Iran is targeting western maritime commerce organizations, potentially signaling attacks against commercial shipping in the Middle East.
Microsoft also noted a significant expansion in Russian groups targeting organizations dedicated to supporting Ukraine, particularly small businesses without the budget to pay for powerful protection suites.
North Korean groups continue to seek funding for the hermit kingdom, with attackers successfully applying for jobs in targeted companies, stealing sensitive information to further tech development at home, and deploying ransomware when discovered as a way to deliver extra funds back home.
And the future?
In the 2025 DDR, Microsoft calls on governments as well as private organizations to increase intelligence sharing and training. Microsoft also believes that greater security governance could help to provide a deterrent for organizations that might pay a ransom. After all, if you remove the incentive to deploy ransomware, hackers will (theoretically) stop deploying ransomware.
Microsoft also says that fighting against the rapidly evolving security environment is a societal challenge as the economic, governmental, and social systems we rely on are in grave danger. Deterrence is the goal, with governments calling out nation-state attacks and applying sanctions, offering real world consequences for hostile nations.
You might also like
- Take a look at the best password managers
- I’ve rounded up the best antivirus software
- A new wave of ‘Shadow AI’ is worrying workplaces
