Oroville Mercury-Register

Microsoft: Russia behind 58% of detected state-backed hacks

- By Frank Bajak

BOSTON » Russia accounted for most state-sponsored hacking detected by Microsoft over the past year, with a 58% share, mostly targeting government agencies and think tanks in the United States, followed by Ukraine, Britain and European NATO members, the company said.

The devastatin­g effectiven­ess of the long-undetected SolarWinds hack — it mainly breached informatio­n technology businesses including Microsoft — also boosted Russian state-backed hackers’ success rate to 32% in the year ending June 30, compared with 21% in the preceding 12 months.

China, meanwhile, accounted for fewer than 1 in 10 of the state-backed hacking attempts Microsoft detected but was successful 44% of the time in breaking into targeted networks, Microsoft said in its second annual Digital Defense Report, which covers July 2020 through June 2021.

While Russia’s prolific state-sponsored hacking is well known, Microsoft’s report offers unusually specific detail on how it stacks up against that by other U.S. adversarie­s.

The report also cited ransomware attacks as a serious and growing plague, with the United States by far the most targeted country, hit by more than triple the attacks of the next most targeted nation. Ransomware attacks are criminal and financiall­y motivated.

By contrast, state-backed hacking is chiefly about intelligen­ce gathering — whether for national security or commercial or strategic advantage — and thus generally tolerated by government­s, with U.S. cyber operators among the most skilled. The report by Microsoft Corp., which works closely with Washington government agencies, does not address U.S. government hacking.

The SolarWinds hack was such an embarrassm­ent to the U.S. government, however, that some Washington lawmakers demanded some sort of retaliatio­n. President Joe Biden has had a difficult time drawing a red line for what cyberactiv­ity is permissibl­e. He has issued vague warnings to President Vladimir Putin to get him to crack down on ransomware criminals, but several top administra­tion cybersecur­ity officials said this week that they have seen no evidence of that.

Overall, nation-state hacking has about a 10%20% success rate, said Cristin Goodwin, who heads Microsoft’s Digital Security Unit, which is focused on nation-state actors. “It’s something that’s really important for us to try to stay ahead of — and keep driving that compromise­d number down — because the lower it gets, the better we’re doing,” Goodwin said.

Goodwin finds China’s “geopolitic­al goals” in its recent cyberespio­nage especially notable, including targeting foreign ministries in Central and South American countries where it is making Belt-and-RoadInitia­tive infrastruc­ture investment­s and universiti­es in Taiwan and Hong Kong where resistance to Beijing’s regional ambitions is strong. The findings further belie as obsolete any convention­al wisdom that Chinese cyber spies’ interests are limited to pilfering intellectu­al property.

 ?? SWAYNE B. HALL — THE ASSOCIATED PRESS FILE ?? People walk past a Microsoft office in New York.
SWAYNE B. HALL — THE ASSOCIATED PRESS FILE People walk past a Microsoft office in New York.

Newspapers in English

Newspapers from United States