Cybercrime, the world's 3rd largest economy after America and China

Speed and sophistication were the main characteristics of cyber-attacks on users, businesses and public organisations in 2024, according to the Microsoft Digital Defense Report, which highlights the most important challenges in the field of cybersecurity. Based on a vast amount of data and analysis from Microsoft's global cybersecurity infrastructure, the report highlights the intensity of cyber threats through impressive metrics.

Specifically, by 2024 Microsoft customers were receiving more than 600 million attacks every day with the company repelling 7,000 password attacks per second, a figure that demonstrates the extremely high frequency and pervasiveness of this threat.

Additionally, despite a relative decrease over the last two years, ransomware attacks remain a serious threat: In particular, in 2024 Microsoft recorded 2.75 times more ransomware attacks. Notably, 389 healthcare providers were subject to such attacks in 2024.

Microsoft remains committed to understanding and responding to cyber threats. The company processes 78 trillion security signals every day, has 4000 engineers spearheading the fight against cybercrime and an ecosystem of 15000 partners worldwide who leverage Microsoft platforms to develop applications that strengthen cyberdefense.

• Cyber attacks on individual users: Financial cyber fraud is growing worldwide, with new trends in payment fraud and the abuse of legitimate services for online "fishing" and malicious activities. A new type of scam is "techscam", which deceives users by pretending legitimate services or using fake technical support and advertisements. Techscam traffic increased by 400% from 2021 to 2023, far outpacing the 180% increase in malware and the 30% increase in phishing, highlighting the need for stronger defences.
• Business: Distributed Denial of Service (DDoS) attacks: a DDoS attack targets web sites and servers, disrupting network services in an attempt to exhaust an application's resources. The perpetrators of these attacks flood a site with random traffic, resulting in poor functionality of the web site or complete disconnection. These types of attacks are on the rise. In the second half of the year, Microsoft mitigated 1.25 million DDoS attacks, a 4-fold increase over last year.
• Important note for 2024: The shift towards application-level attacks poses greater risks to business availability, such as online banking. These attacks are more stealthy, more sophisticated, and harder to mitigate than network-level attacks. DDoS attacks are widespread, targeting every type of industry, as well as companies of all sizes around the world. Certain industries, such as gaming, e-commerce and telecommunications, are targeted more frequently than others. DDoS attacks are some of the most common cyber threats and can compromise a business, its Internet security, sales and reputation.
• National-level threat factors: Nation-state threat actors conduct operations for financial gain and enlist the help of cybercriminals and malware to gather information. In 2024, a key finding was that Education and Research became the second most targeted sector by nation-state threat actors. These institutions, which offer information on research and policy, are often used as a testing ground before pursuing their true objectives.
• Foreign Powers Use Artificial Intelligence to Influence American Elections: As the use of AI grows more and more, cybercriminals and state entities alike have already started using it to spread false information about the US elections. As the report's findings show, Russia, Iran and China are exploiting geopolitical issues to cause discord over sensitive domestic issues. Tellingly, in disinformation operations, criminals linked to China prefer AI-generated images, while those linked to Russia use AI to spoof audio messages.