In its annual Digital Defense report, the giant reported that the number of ransomware attacks has doubled over the past 12 months.
- Fraudulent emails, text and voice messages are still the most common means used by cybercriminals to access user files.
- However, she pointed out Microsoft However, security vulnerabilities due to failed software updates and hackers exploiting known vulnerabilities are still a problem.
The report also stated that the number of operations Electronic fraud Detections have multiplied five-fold over the past two years, with Microsoft seeing around 100,000 scams per day in 2024.
In particular, Microsoft said that operations linked to China prefer to use AI-generated images, while operations linked to Russia prefer audio content.
However, the report explained that no evidence was observed that this content has succeeded in influencing the public, and that artificial intelligence is showing signs of great benefit to cybersecurity specialists, as a tool that helps speed up the response to cyberattacks and incidents.
In a related context to the report, Microsoft confirmed that it notes the increasing dependence of countries on cybercriminals and their tools to obtain intelligence information and achieve financial gains.
Most prominent countries
According to Microsoft’s Vice President of Security and Customer Trust, Tom Burt, the “vast majority” of cyber threat activity detected last year came from Russia, China, Iran, and North Korea, The Independent reported.
The report also indicated that many state-related activities were focused on areas of conflict and tension, especially in Ukraine and the Middle East.
Burt added: “With the exception of the United States and the United Kingdom, most of the threat activities associated with the countries that we monitored were centered around Israel, Ukraine, and Taiwan (..).”
Russia and Iran
He also explained that Iran and Russia exploited the war between Russia and Ukraine and the conflict between Israel and Hamas to spread misleading propaganda messages with the aim of expanding their influence beyond the geographical borders of these regions, which demonstrates the global nature of hybrid wars.
The report indicated that 75 percent of Russia’s targets were in Ukraine or one of the NATO member states, as Moscow sought to collect intelligence information about the West’s policies on the war.
The report claimed that Russia, along with Iran and China, was active in disinformation campaigns targeting the upcoming US elections, as part of efforts aimed at “weakening confidence in elections as the basis of democracy.”
600 million attacks
“Microsoft customers face more than 600 million cyber attacks every day, ranging from ransomware, phishing, and identity attacks,” Burt said.
He added: “State-linked actors have proven once again that cyber operations, whether for the purposes of espionage, destruction or influence, play an ongoing supporting role in broader geopolitical conflicts. We are also seeing increasing evidence of cybercrime gangs colluding with states, sharing tools and methods.”
He concluded his speech by saying: “We must find a way to limit this malicious cyber activity. This includes continuing to strengthen our digital defenses to protect our networks, our data, and our people at all levels. But these challenges will not be solved solely by implementing a set of cybersecurity measures, but through focus and commitment.” “The foundations of cyber defense, from the individual user to corporate executives and government leaders.”
High economic bill
For his part, Managing Director of IDT Consulting and Technology Systems, financial markets expert Mohamed Saeed, said in statements to the “Eqtisad Sky News Arabia” website:
- The economic cost of cyber attacks, including ransomware attacks, continues to rise as information technology spreads across various economic and strategic sectors.
- With every technological advance, these sectors become more vulnerable to cyber threats.
- By the end of 2024, the global cost of cyber attacks is expected to reach more than $8 trillion, and is expected to rise to more than $10 trillion by 2025.
- Among the most dangerous of these attacks are ransomware attacks, as the ransoms required to get rid of them now exceed millions, especially when targeting major economic institutions or vital infrastructure.
- The losses don’t stop when the ransom is paid; Even after operations are restored, companies face huge costs to rehabilitate systems and restore confidence, a cost that cannot be measured financially.
- Rebuilding trust with customers takes time, and may represent a greater loss than the attacks themselves.
He added: Statistics indicate an increasing percentage of companies with revenues between 10 and 50 million dollars that have been subjected to ransomware attacks… While some attacks focus on achieving financial gains, state-backed attacks usually target critical infrastructure.
He stressed that the sectors most vulnerable to these attacks include the financial sector, the transportation and aviation sectors, and the health sector, which represents a major target due to the sensitivity of the personal data it contains. This also includes the industrial sector.
Overall, the economic cost of cyberattacks is increasing by 30% annually, posing enormous challenges for organizations and governments alike.
Cyber threats
The academic advisor at San Jose State University in California, Dr. Ahmed Banafa, said in exclusive statements to “Iqtisad Sky News Arabia” website:
- Companies and governments around the world are exposed to increasing cyber threats, which leave behind impacts that go beyond purely technical damage, reaching profound economic and social repercussions.
- Cyberattacks today are no longer just hacks into data systems, but rather pose a real threat to the stability of markets and economies.
He added: As these attacks increase, it becomes difficult to determine an accurate cost due to their multiple complexities. However, economic losses can be divided into direct and indirect aspects:
- Direct losses:
On top of the direct losses is the financial ransom that companies pay to recover their data, as happened in the famous attack on the “Colonial Pipeline.” In addition, companies incur huge costs in incident response operations, by investigating the attack, recovering data, and updating security systems. But these are not the only costs; The interruption of activities due to these attacks leads to revenue losses and disruption of commercial and industrial operations.
- Indirect losses:
Indirect losses include significant damage to the reputation of target companies, leading to a decline in trust by customers and business partners, and thus a decrease in the value of shares. The repercussions do not end there, but in addition to the legal costs associated with fines and litigation, especially in cases of data breach.
The disruption of supply chains and logistics operations as a result of attacks increases economic pressures. One of the most serious of these losses is the leak of sensitive data, which can have a long-term impact on companies and governments, as it puts trade secrets and vital information at risk, according to Banafa.
Total economic costs
He explained that the greatest impact of these attacks appears in the overall economy. The increase in severity of threats causes investors to hesitate to pump money into markets that may be unsafe, leading to a decline in investments and a slowdown in economic growth. In addition, cyber insurance costs are rising significantly as a result of increasing risks in the digital space, increasing the financial burden on organizations.
The problem is exacerbated as evolving technology exposes new security vulnerabilities, opening the door to organized attacks. These attacks have turned into a profitable industry for criminal groups that find cyberspace a fertile arena for material gains. The matter is not limited to criminal attacks only, but some countries use cyber attacks as a tool for espionage and sabotage, adding a geopolitical dimension to the conflict in the digital space.
How can these threats be reduced?
To reduce these risks, Banafa explained in his interview with “Iqtisad Sky News Arabia” website that companies and governments must invest heavily in data protection technologies and train cadres specialized in cybersecurity. These threats cannot be effectively confronted without strengthening international cooperation and exchanging intelligence information between countries to coordinate efforts against cybercrimes.
In addition, legislation and laws must be updated to be deterrent and flexible in dealing with the development of cyber attacks. Finally, society’s awareness of cybersecurity risks must be enhanced at all levels, whether individuals or organizations, to reduce the possibility of attacks.