Microsoft’s Digital Defense Report 2023: Ten Key Insights Uncovered

• The global threat landscape is becoming more complicated with increasing sophistication and speed of cyberattacks, as reflected in Microsoft’s Digital Defense Report 2023.
• Basic security hygiene, such as multifactor authentication and the use of Zero Trust principles, can still protect against 99% of attacks.
• The instances of human-operated ransomware attacks have risen by over 200% since September 2022, with smaller companies being particularly vulnerable.
• Microsoft has observed a tenfold increase in attempted password attacks over a year, with many organizations not implementing secure measures like MFA, leaving them open to phishing, credential stuffing, and brute force attacks.
• The Microsoft Digital Crimes Unit has seen Business Email Compromise (BEC) attempts reach an all-time high of 156,000 daily attempts.
• Nation-state actors are targeting critical infrastructure, educational institutions, and policy-making organizations, increasing their global target set.
• A growing trend sees nation-state actors combining influence operations and cyberattacks to spread favored narratives, stoke social tensions and amplify confusion.
• Internet of Things (IoT) and Operational Technology (OT) devices are increasingly becoming targets due to their inherent difficulty to defend.
• Artificial Intelligence and its potential in transforming cybersecurity can see the automation and augmentation of security tasks, creating safer systems with the help of insights from larger language models.
• Strong public-private collaboration is necessary for improving collective knowledge and resilience, and countering growing and evolving cyberthreats.

The Microsoft Digital Defense Report 2023 details key trends in cybersecurity, identifying the rise of human-operated ransomware attacks, a significant increase in password-based attacks and Business Email Compromise (BEC) attempts, and an evolving target set for nation-state actors. While basic security hygiene can avert most cyberattacks, increased incidents can be a result of many organizations not implementing secure practices like Multifactor Authentication (MFA).

Nation-state actors are expanding their targets to include education and policy-making institutions, and integrating influence operations with cyberattacks to spread disinformation. Devices in the Internet of Things and Operational Technology (OT) sectors are becoming attractive targets, with about 25% of OT devices using unsupported operating systems and 46% of IoT devices with known vulnerabilities on customer networks unable to be patched.

Simultaneously, AI and large language models hold transformative potential for cybersecurity by automating and augmenting tasks for detecting hidden patterns and behaviors. Furthermore, public-private collaboration is seen as key to resisting evolving cyberthreats by sharing collective knowledge and contributing to mitigation guidance across the security ecosystem.