Microsoft Alerts Nearly 10,000 Customers of Attacks from Nation-Sponsored Hacking Groups
- The firm revealed that most of these attacks came from hacker groups based in Iran, North Korea, and Russia.
- Most of these attacks, around 84%, target large enterprises, while 16% of the attacks are directed at small businesses.
Microsoft has recently disclosed that it has notified nearly 10,000 customers of targeted attacks by state-sponsored hackers since last year. The firm has revealed that most of these attacks came from hacker groups based in Iran, North Korea, and Russia.
Which are these hacking groups?
The tech giant said that most of these nation-state groups continue to rely on cyberattacks to gain intelligence, influence geopolitics or other objectives.
The three hacking groups primarily involved in these attacks include:
- Holmium and Mercury operating from Iran
- Thallium operating from North Korea
- Yttrium and Strontium from Russia.
While 84% of these attacks carried out by these threat actors targeted the enterprise’s customers, about 16% were aimed at home consumers and their personal email accounts.
Tom Burt, Microsoft Corporate Vice President, revealed that the firm has sent 781 notifications to organizations enrolled under AccountGuard over the past year. Around 95% of these notifications were sent to US-based organizations.
Furthermore, Burt said that the firm has also detected nation-state attacks against political organizations involved in the electoral process.
“This data shows that democracy-focused organizations in the United States should be particularly concerned as 95% of these attacks have targeted U.S.-based organizations. By nature, these organizations are critical to society but have fewer resources to protect against cyberattacks than large enterprises,” Burt noted.