Microsoft Digital Defense Report
Knowledge is powerful. This cybersecurity report encompasses learnings from security experts, practitioners, and defenders at Microsoft to empower people everywhere to defend against cyberthreats.
Build a stronger defense with the insights and expertise in the Microsoft Digital Defense Report
Signals
Over 24 trillion security signals are analyzed every 24 hours offering a uniquely comprehensive view of the current state of security.
Experts
More than 8,500 Microsoft security experts from across 77 countries have helped provide a critical perspective on the security landscape.
Insights
Synthesized, integrated insights came from more teams, across more areas of Microsoft than ever before.
The state of cybercrime
We’ve seen cybercrime evolve as a national security threat that’s driven largely by financial gain. Positively, transparency is increasing as more victims of cybercrime come forward to share their stories. Government cybersecurity efforts have also increased in response to cyberthreats.
25+
15K
More than 15,000 phishing sites were neutralized within three months.
50%
We’ve seen a 50 percent reduction yearly in employee susceptibility to phishing after simulation training.
Nation-state threats
Nation-state threat actors have become more sophisticated and harder to detect, creating a threat to security that is replicated by other cybercriminals.
Supply chain, IoT, and OT security
The Internet of Things (IoT), operational technology (OT), and supply ecosystems have been treated in isolation, but to counter attacks, security needs to take a holistic approach. Multiple layers of defenses, such as multifactor authentication, can help maintain security.
Secure your devices
20 million devices
This was the number of devices found to use the default password “admin” in just 45 days of signals.
Seven properties
We identified seven properties that are present in devices considered to be highly secured.
Nearly all industries affected
Critical vulnerabilities were found in several IoT and OT operating systems.
Hybrid workforce security
In both the physical and digital worlds, the primary way criminals get in is through an unlocked door. Organizations that do not apply or maintain basic security hygiene like patching, applying updates, or turning on multifactor authentication will face much greater exposure to attacks, including ransomware or Distributed Denial of Service (DDoS).
Phishing is responsible for almost 70 percent of data breaches
Basic security hygiene still protects against 98 percent of attacks.
Be cautious of “reliable” sources
Cybercriminals are using malware that is posed as legitimate software updates causing an increase in insider risk.
Update legacy systems to stay ahead of attacks
Adversaries are targeting on-premises systems, reinforcing the need for data governance and for organizations to move to the cloud.
Disinformation
Disinformation is being created and disseminated at increasing scale and speed.
Disinformation vs. misinformation
Empathy is needed when dealing with misinformation, which is false information that’s spread unintentionally by people who often have good intentions.
Spreading doubt
Threat and situational intelligence can be supplanted with disinformation to generate bias or create doubt in data integrity with decision makers.
Emerging threat of deepfakes
Improvements in AI have allowed deepfake videos and audio to directly harm individuals. They can now be used to trick employees into releasing or sharing credentials.
Actionable Insights
Technology and cybersecurity risk can’t be treated as something that only IT and security teams manage. Criminals seek to exploit any opportunity that exists, so while recovery solutions are imperative, it’s on all of us to seek out cybersecurity training and ensure our online safety.
Report archive
Keep reading to see how the threat landscape and online safety have changed in a few short years.
Follow Microsoft