Tue. Mar 19th, 2024

Content Assessment: An Authoritarian Challenge of Cyber Aggression? The Microsoft Digital Defense Report 2022

Information - 95%
Insight - 96%
Relevance - 97%
Objectivity - 91%
Authority - 94%

95%

Excellent

A short percentage-based assessment of the qualitative benefit of the recently published Microsoft Digital Defense Report 2022 and its coverage of key areas of interest ranging from the state of cybercrime to cyber resilience.

Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.



Background Note: According to Microsoft, the goal of the Microsoft Digital Defense Report, now in its third year, is to illuminate the evolving digital threat landscape across four key areas of focus: cybercrime, nation-state threats, devices & infrastructure, and cyber influence operations while providing insight and guidance on how to improve cyber resiliency. The 2022 update of this important report was published in early November and highlights the fact that on February 23, 2022, the cybersecurity world entered a new age, the age of the hybrid war. With an insightful introduction by Microsoft Corporate Vice President, Customer Security & Trust, Tom Burt, that speaks to this new cybersecurity world, the report may be beneficial for cybersecurity, information governance, and legal discovery professionals as they seek to keep up-to-date on areas ranging from cybercrime and Cybercrime-as-a-Service (CaaS) to new nation-state tactics and the rise of cyber mercenaries. 

Microsoft Security Report*

Microsoft Digital Defense Report 2022

Illuminating the threat landscape and empowering digital defense.

  • Report Introduction Extract (Tom Burt, Corporate Vice President, Customer Security & Trust, Microsoft)
  • Report Quotes (Selected Microsoft Experts)

The state of cybercrime

Cybercriminals continue to act as sophisticated profit enterprises. Attackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. At the same time, cybercriminals are becoming more frugal. To lower their overhead and boost the appearance of legitimacy, attackers are compromising business networks and devices to host phishing campaigns, malware, or even use their computing power to mine cryptocurrency.

Attackers are adapting and finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. We have observed cybercriminals becoming more frugal and attackers are no longer paying for technology. To lower their overhead and boost the appearance of legitimacy, some attackers increasingly seek to compromise businesses to host phishing campaigns, malware, or even use their computing power to mine cryptocurrency.

Amy Hogan-Burney, General Manager, Digital Crimes Unit

Nation-state threats

Nation-state actors are launching increasingly sophisticated cyberattacks designed to evade detection and further their strategic priorities. The advent of cyberweapon deployment in the hybrid war in Ukraine is the dawn of a new age of conflict. Russia has also supported its war with information influence operations, using propaganda to impact opinions in Russia, Ukraine, and globally. Outside Ukraine, nation-state actors have increased activity and have begun using advancements in automation, cloud infrastructure, and remote access technologies to attack a wider set of targets. Corporate IT supply chains that enable access to ultimate targets were frequently attacked. Cybersecurity hygiene became even more critical as actors rapidly exploited unpatched vulnerabilities, used both sophisticated and brute force techniques to steal credentials, and obfuscated their operations by using open-source or legitimate software. In addition, Iran joins Russia in the use of destructive cyberweapons, including ransomware, as a staple of their attacks. These developments require urgent adoption of a consistent, global framework that prioritizes human rights and protects people from reckless state behavior online. All nations must work together to implement norms and rules for responsible state conduct.

Before the invasion of Ukraine, governments thought that data needed to stay inside a country in order to be secure. After the invasion, migrating data to the cloud and moving outside territorial borders is now a part of resiliency planning and good governance.

Cristin Flynn Goodwin, Associate General Counsel, Customer Security & Trust

Devices and infrastructure

The pandemic, coupled with rapid adoption of internet-facing devices of all kinds as a component of accelerating digital transformation, has greatly increased the attack surface of our digital world. As a result, cybercriminals and nation-states are quickly taking advantage. While the security of IT hardware and software has strengthened in recent years, the security of IoT and OT devices has not kept pace. Threat actors are exploiting these devices to establish access on networks and enable lateral movement, to establish a foothold in a supply chain, or to disrupt the target organization’s OT operations.

From a security operation standpoint, network defenders take multiple approaches to improving their organization’s IoT/OT security posture. One approach is to implement continuous monitoring of IoT and OT devices. Another is to “shift-left”—meaning to demand and implement better cybersecurity practices for the IoT and OT devices themselves. A third approach is to implement a security monitoring solution which spans both IT and OT networks. This holistic approach has the significant added benefit of contributing to critical organizational processes, such as “breaking the silos” between OT and IT, which in turn enables the organization to reach an enhanced security posture while meeting business objectives.

Michal Braverman-Blumenstyk, Corporate Vice President, Chief Technology Officer, Cloud and AI Security

Cyber influence operations

Nation states are increasingly using sophisticated influence operations to distribute propaganda and impact public opinion both domestically and internationally. These campaigns erode trust, increase polarization, and threaten democratic processes. Skilled Advanced Persistent Manipulator actors are using traditional media together with internet and social media to vastly increase the scope, scale, and efficiency of their campaigns, and the outsized impact they are having in the global information ecosystem. In the past year, we have seen these operations used as part of Russia’s hybrid war in Ukraine, but have also seen Russia and other nations, including China and Iran, increasingly deploy propaganda operations powered by social media to extend their global influence on a range of issues.

The rapidly changing nature of the information ecosystem and nation-state online propaganda, including the melding of traditional cyberattacks with influence operations and the interference in democratic elections, requires a whole-of-society approach to mitigate against both online and offline threats to democracy.

Teresa Hutson, Vice President, Technology and Corporate Responsibility

Cyber resilience

Security is a key enabler of technological success. Innovation and enhanced productivity can only be achieved by introducing security measures that make organizations as resilient as possible against modern attacks. The pandemic has challenged us at Microsoft to pivot our security practices and technologies to protect our employees wherever they work. This past year, threat actors continued to take advantage of vulnerabilities exposed during the pandemic and the shift to a hybrid work environment. Since then, our principal challenge has been managing the prevalence and complexity of various attack methods and increased nation-state activity.

We live in an era where security is a key enabler of technological success. Innovation and enhanced productivity can only be achieved by introducing security measures that make organizations as resilient as possible against modern attacks. As digital threats increase and evolve, it’s crucial to build cyber resilience into the fabric of every organization.

Bret Arsenault, Chief Information Security Officer



*Shared with permission.


Source: ComplexDiscovery

 
