Trace Id is missing
Skip to main content
Microsoft Security

Cyber Influence Operations

Learn how foreign influence operations utilize new methods and technologies to erode trust, increase polarization, and threaten democratic processes.

Trends in cyber influence operations

Operations are becoming increasingly sophisticated as technology evolves. We are seeing tools used in traditional cyberattacks being applied to cyber influence operations alongside increased coordination and amplification among nation states. Foreign cyber influence operations typically have three stages: pre-position, launch and amplification.

A diagram showing progression of foreign cyber influence operations

Illustration of how narratives about US biolabs and biological weapons spread via the three broad phases of many foreign influence operations—pre-position, launch, and amplification.1


Influence operations: COVID-19 and Russia’s invasion of Ukraine

Learn about cyber influence operations used in nation state campaigns throughout the COVID-19 pandemic to undermine democratic institutions, and in Russia’s invasion of Ukraine to maximize impact.

75% of people worry information is being weaponized.

Tracking the Russian Propaganda Index

In January 2022, nearly 1,000 US websites were referring traffic to Russian propaganda websites. The most common topics were the war in Ukraine, US domestic politics, and COVID-19 vaccines.
A diagram of a chart showing the Russian propaganda index in the United States over 2 years

The Russian Propaganda Index (RPI) monitors the flow of news from Russian state-controlled and sponsored news outlets and amplifiers as a proportion of overall news traffic on the internet. The RPI can be used to chart the consumption of Russian propaganda across the internet and in different geographies on a precise timeline.

Synthetic media

Two key trends are the proliferation of easy-to-use tools for artificially creating highly realistic images and videos, and quick dissemination of content optimized for specific audiences. 

Microsoft’s holistic approach

Microsoft has increased technical capacity to detect and disrupt foreign influence operations and is committed to transparently reporting on these operations like our reporting on cyberattacks.

Explore other critical focus areas

The State of Cybercrime

Cybercrime continues to rise, driven by increases in both random and targeted attacks. Attack methods have evolved to create increasingly diverse threats.

Nation State Threats

Nation state actors are launching increasingly sophisticated cyberattacks to evade detection and further their strategic priorities.

Devices and Infrastructure

As organizations harness advances in computing capability and entities digitize to thrive, the attack surface of the digital world is exponentially increasing.

Cyber Resilience

As threats in the cyber landscape increase, building cyber resilience into the fabric of the organization is as crucial as financial and operational resilience.

Read this chapter and connect with us

Follow Microsoft