Microsoft customers were besieged last year by ransomware attacks, with the company reporting that the volume had nearly tripled from the previous year.
In an annual report, the company revealed that attacks had risen 275% year-over-year between July 2023 and June 2024.
However, calming fears prompted by this dramatic increase, it also revealed that the percentage of attacks that reach actual encryption phase has decreased even though ransomware attackers remain relentless
Persistent Threat
Microsoft’s Digital Defense Report makes for a terrifying read. It reveals 389 healthcare institutions were successfully hit by ransomware in the US in this fiscal year. These resulted in “network closures, systems offline, critical medical operations delayed, and appointments rescheduled,” Microsoft writes.
Education is a new focus for malicious agents, coming second after the technology sector.
This just in! View
the top business tech deals for 2024 👨💻
It also warns that state-sponsored hackers are becoming more brazen.
“They are not just stealing data, but launching ransomware, prepositioning backdoors for future destruction, sabotaging operations, and conducting influence campaigns.” – Microsoft report
The Scale of the Problem
The report gives a sense of the scale of the problem, with Microsoft sharing that it “process[es] more than 78 trillion security signals per day, from billions of Windows endpoints, The Cloud, and a broad spectrum of products and services.”
It also reveals that attacks are now often carried out in tandem with influence campaigns, especially if a nation state is behind them. This “hybrid warfare” is global, it says, and ransomware just one of the weapons being used.
The report echoes a briefing held earlier this month ahead of the Government’s fourth annual International Counter Ransomware Initiative summit. Cybersecurity Dive reported that US officials shared there had been 4,506 attacks in 2023 compared to 2,593 global attacks in 2022.
“In the first half of 2024, we’re tracking 2,321 attacks.” – Laura Galante, director of the Cyber Threat Intelligence Integration Center at the Office of the Director of National Intelligence.
Some Cause to Celebrate
The report does offer a glimmer of hope as the percentage of attacks reaching actual encryption phase has decreased over the past two years by threefold.
“Automatic attack disruption contributed to this positive trend in decreasing successful attacks. In more than 90% of cases where attacks progressed to ransom stage, the attacker had leveraged unmanaged devices in the network, either to gain initial access or to remotely encrypt assets at the impact stage.” – Microsoft spokesperson
How to Counter the Attacks
Commenting on the findings of the report, one Microsoft executive issued a call to action.
“With more than 600 million attacks per day targeting Microsoft customers alone, there must be countervailing pressure to reduce the overall number of attacks online.” – Tom Burt, Microsoft’s corporate VP of customer security and trust in a blog post.
“Effective deterrence can be achieved in two ways: by denial of intrusions or by imposing consequences for malicious behavior,” he added. “To shift the playing field, it will take conscientiousness and commitment by both the public and private sectors so that attackers no longer have the advantage.”
