The Microsoft Digital Defence Report 2024 is out and its easy but sobering reading. A snippet summary of what’s been at play in our digital landscape highlights hostile governments leading the assault on our security.  Nation-state threat actors are conducting operations for financial gain and enlisting the aid of cybercriminals and commodity malware to collect intelligence. In 2024, a key insight was that Education and Research became the second-most targeted sector by nation-state threat actors. These institutions, offering intelligence on research and policy, are often used as testing grounds before pursuing their actual targets.

Ransomware remains a critical cybersecurity concern. Microsoft observed a 2.75x year-over-year increase in human-operated ransomware-linked encounters, where at least one device in a network was targeted. Although these encounters have risen, the percentage of organizations that are ultimately ransomed (reaching the encryption stage) has decreased more than threefold over the past two years.

Cyber-enabled financial fraud is rising globally, with new trends in payment fraud and the misuse of legitimate services for phishing and malicious activities. One alarming type of fraud is techscam, which tricks users by impersonating legitimate services or using fake technology support and ads. Techscam traffic surged 400% from 2021 to 2023, far outpacing the 180% rise in malware and 30% rise in phishing, underscoring the need for stronger defenses.

Some takeaways from the report:

  • The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools
  • Cyberattacks are continuing at a breathtaking scale, and as they increasingly put human health at risk.
  • Cybercriminals  attack with impunity, knowing law enforcement is hampered by the challenges of investigation and prosecution of cross-border crime, operating from within safe havens where host authorities turn a blind eye to the malicious activity.
  • Threat actors serving Russia and Iran are leaning into cyber and influence operations as tools to advance political and military objectives in wartime.
  • By the end of 2024, 2 billion people will have had the opportunity to vote in nationwide elections. Russia, Iran, and China all engaged in election influence efforts globally in 2024.
  • As multifactor authentication blocks most password-based attacks, threat actors are shifting their focus.

Download it here.

Back To Blogs