In its annual digital defense report covering trends from July 2023 to July 2024, Microsoft highlights a worrying increase in cyber attacks.
The report reveals that Microsoft users face 600 million attacks per day, from both cybercriminals and state actors, also highlighting how cyber operations are deeply linked to geopolitical conflicts.
Microsoft saw a 2,75x increase in ransomware attacks compared to last year, but the percentage of organizations that ended up being "blackmailed" (reaching the data encryption stage) has more than tripled over the past two years.
Attackers still rely on predictable human behavior, such as choosing easy passwords and reusing them across multiple websites - making them easy victims of phishing attacks. Password attacks account for 99% of all user identity attacks.An alarming form of fraud is techscam, which deceives users by presenting legitimate services or technical support and false advertising. Techscam fraud traffic increased by 400% from 2021 to 2023, far outpacing the 180% increase in viruses and 30% in phishing, highlighting the need for stronger protections.
DDoS attacks continued to evolve. In the second half of the year, Microsoft mitigated 1.25 million DDoS attacks, which is a fourfold increase compared to last year.
Microsoft states that governments should impose penalties on malicious activity to prevent attacks. Current international standards in cyberspace lack effective enforcement, resulting in continued aggressive state-sponsored activities.