Russia, China and North Korea are becoming more aggressive and sophisticated in their recruitment of cybercriminals to steal money, gain intelligence and sway elections, Microsoft said in a threat report released Tuesday.
Such hackers are not just stealing data, corporate vice president of customer security Tom Burt wrote in the Microsoft Digital Defense Report.
They are “launching ransomware, prepositioning backdoors for future destruction, sabotaging operations, and conducting influence campaigns,” he wrote.
“The pace of nation-state sponsored cyber attacks has escalated to the point that there is now effectively constant combat in cyberspace without any meaningful consequences to the attacker.”
Observations during the past year affirm a “convergence” of governments and cybercriminals, according to the report, which cited activity by China, Russia, Iran, and North Korea.
Nations use financially-motivated cybercriminals as “a force multiplier,” piggybacking on their hacking expertise, according to the report.
“We have also seen rapid shifts in the tactics of hybrid war, wide-ranging attempts to interfere in democratic elections, and a surge in ransomware attacks and cyber-enabled financial fraud across the globe,” the report said.
Russia, Iran, and China have all engaged in election influence efforts, ramping up efforts to sway perceptions, sow discord, and erode trust in public institutions, according to Microsoft.
“The widespread accessibility of generative AI tools coupled with significant geopolitical events has created a ripe environment for nation-state influence operations aimed at high-stakes contests,” Microsoft said.
North Korea has long “blurred the line” between cyber crime and cyber espionage, with the United Nations estimating the nation has stolen more than $3 billion in cryptocurrency since 2017, according to the report.