Wed. Feb 1st, 2023

    Content Assessment: An Authoritarian Challenge of Cyber Aggression? The Microsoft Digital Defense Report 2022

    Information - 95%
    Insight - 96%
    Relevance - 97%
    Objectivity - 91%
    Authority - 94%

    95%

    Excellent

    A short percentage-based assessment of the qualitative benefit of the recently published Microsoft Digital Defense Report 2022 and its coverage of key areas of interest ranging from the state of cybercrime to cyber resilience.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.


    Background Note: According to Microsoft, the goal of the Microsoft Digital Defense Report, now in its third year, is to illuminate the evolving digital threat landscape across four key areas of focus: cybercrime, nation-state threats, devices & infrastructure, and cyber influence operations while providing insight and guidance on how to improve cyber resiliency. The 2022 update of this important report was published in early November and highlights the fact that on February 23, 2022, the cybersecurity world entered a new age, the age of the hybrid war. With an insightful introduction by Microsoft Corporate Vice President, Customer Security & Trust, Tom Burt, that speaks to this new cybersecurity world, the report may be beneficial for cybersecurity, information governance, and legal discovery professionals as they seek to keep up-to-date on areas ranging from cybercrime and Cybercrime-as-a-Service (CaaS) to new nation-state tactics and the rise of cyber mercenaries. 

    Microsoft Security Report*

    Microsoft Digital Defense Report 2022

    Illuminating the threat landscape and empowering digital defense.

    • Report Introduction Extract (Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft)
    • Report Quotes (Selected Microsoft Experts)

    The state of cybercrime

    Cybercriminals continue to act as sophisticated profit enterprises. Attackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. At the same time, cybercriminals are becoming more frugal. To lower their overhead and boost the appearance of legitimacy, attackers are compromising business networks and devices to host phishing campaigns, malware, or even use their computing power to mine cryptocurrency.

    Attackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. We have observed cybercriminals becoming more frugal and attackers are no longer paying for technology. To lower their overhead and boost the appearance of legitimacy, some attackers increasingly seek to compromise businesses to host phishing campaigns, malware, or even use their computing power to mine cryptocurrency.

    Amy Hogan-Burney, General Manager, Digital Crimes Unit

    Nation-state threats

    Nation-state actors are launching increasingly sophisticated cyberattacks designed to evade detection and further their strategic priorities. The advent of cyberweapon deployment in the hybrid war in Ukraine is the dawn of a new age of conflict. Russia has also supported its war with information influence operations, using propaganda to impact opinions in Russia, Ukraine, and globally. Outside Ukraine, nation-state actors have increased activity and have begun using advancements in automation, cloud infrastructure, and remote access technologies to attack a wider set of targets. Corporate IT supply chains that enable access to ultimate targets were frequently attacked. Cybersecurity hygiene became even more critical as actors rapidly exploited unpatched vulnerabilities, used both sophisticated and brute force techniques to steal credentials, and obfuscated their operations by using open-source or legitimate software. In addition, Iran joins Russia in the use of destructive cyberweapons, including ransomware, as a staple of their attacks. These developments require urgent adoption of a consistent, global framework that prioritizes human rights and protects people from reckless state behavior online. All nations must work together to implement norms and rules for responsible state conduct.

    Before the invasion of Ukraine, governments thought that data needed to stay inside a country in order to be secure. After the invasion, migrating data to the cloud and moving outside territorial borders is now a part of resiliency planning and good governance.

    Cristin Flynn Goodwin, Associate General Counsel, Customer Security & Trust

    Devices and infrastructure

    The pandemic, coupled with rapid adoption of internet-facing devices of all kinds as a component of accelerating digital transformation, has greatly increased the attack surface of our digital world. As a result, cybercriminals and nation-states are quickly taking advantage. While the security of IT hardware and software has strengthened in recent years, the security of IoT and OT devices has not kept pace. Threat actors are exploiting these devices to establish access on networks and enable lateral movement, to establish a foothold in a supply chain, or to disrupt the target organization’s OT operations.

    From a security operation standpoint, network defenders take multiple approaches to improving their organization’s IoT/OT security posture. One approach is to implement continuous monitoring of IoT and OT devices. Another is to “shift-left”—meaning to demand and implement better cybersecurity practices for the IoT and OT devices themselves. A third approach is to implement a security monitoring solution which spans both IT and OT networks. This holistic approach has the significant added benefit of contributing to critical organizational processes, such as “breaking the silos” between OT and IT, which in turn enables the organization to reach an enhanced security posture while meeting business objectives.

    Michal Braverman-Blumenstyk, Corporate Vice President, Chief Technology Officer, Cloud and AI Security

    Cyber influence operations

    Nation states are increasingly using sophisticated influence operations to distribute propaganda and impact public opinion both domestically and internationally. These campaigns erode trust, increase polarization, and threaten democratic processes. Skilled Advanced Persistent Manipulator actors are using traditional media together with internet and social media to vastly increase the scope, scale, and efficiency of their campaigns, and the outsized impact they are having in the global information ecosystem. In the past year, we have seen these operations used as part of Russia’s hybrid war in Ukraine, but have also seen Russia and other nations, including China and Iran, increasingly deploy propaganda operations powered by social media to extend their global influence on a range of issues.

    The rapidly changing nature of the information ecosystem and nation-state online propaganda, including the melding of traditional cyberattacks with influence operations and the interference in democratic elections, requires a whole-of-society approach to mitigate against both online and offline threats to democracy.

    Teresa Hutson, Vice President, Technology and Corporate Responsibility

    Cyber resilience

    Security is a key enabler of technological success. Innovation and enhanced productivity can only be achieved by introducing security measures that make organizations as resilient as possible against modern attacks. The pandemic has challenged us at Microsoft to pivot our security practices and technologies to protect our employees wherever they work. This past year, threat actors continued to take advantage of vulnerabilities exposed during the pandemic and the shift to a hybrid work environment. Since then, our principal challenge has been managing the prevalence and complexity of various attack methods and increased nation-state activity.

    We live in an era where security is a key enabler of technological success. Innovation and enhanced productivity can only be achieved by introducing security measures that make organizations as resilient as possible against modern attacks. As digital threats increase and evolve, it’s crucial to build cyber resilience into the fabric of every organization.

    Bret Arsenault, Chief Information Security Officer

    Read the complete report announcement.


    Complete Report: Microsoft Digital Defense Report 2022 (PDF)

    Read the original report.


    *Shared with permission.


    Source: ComplexDiscovery

     


    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.