The past few years have been marked by a quickly changing geopolitical landscape. Conflicts within or between various countries have created new opportunities for nation-state actors — cybercrime organizations that are backed by foreign governments. They’re well-funded and capable of coordinating sophisticated attacks.
An unprecedented number of nation-state threats have been identified since the beginning of the COVID-19 pandemic. Many originate from Russia, North Korea, China, and Iran. The nature of these attacks has evolved; phishing schemes and brute-force attacks aren’t uncommon, but digital espionage is a far more prevalent goal.
Government organizations like diplomatic and defence entities, of course, are particularly vulnerable to this kind of attack. However, nation-state actors don’t just go after other governments. Microsoft has also seen an increasing number of attacks carried out against energy and utility companies, higher education, economic/financial organizations, law firms, medical research facilities, and healthcare providers. The motivations for attacking these types of businesses range from their proximity to government organizations to their ability to pay up after a ransomware attack, bringing in even more funding for these threat actors to go after critical infrastructure.