Thousands of Windows users targeted by nation state attacks, says Microsoft

The majority of the attacks originate from Iran, North Korea and Russia, and took place in the past year

Almost 10,000 Microsoft customers have been targeted or compromised in nation-state cyber attacks, according to new research from the software giant.

The company claims that 84 per cent of these attacks were aimed at enterprise customers, while 16 per cent affected the personal email accounts of consumers.

Microsoft said this data "demonstrates the significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics or achieve other objectives".

Most of these attacks originated from attackers in three countries, including Iran, North Korea and Russia, and took place in the past year.

Tom Burt, corporate vice president of customer security and trust at Microsoft, explained in a blog post: "We have seen extensive activity from the actors we call Holmium and Mercury operating from Iran, Thallium operating from North Korea, and two actors operating from Russia we call Yttrium and Strontium.

Burt went on to say cyber attacks "continue to be a significant tool and weapon wielded in cyberspace". He said that, in some instances, attacks "appear to be related to ongoing efforts to attack the democratic process".

We have seen extensive activity from the actors we call Holmium and Mercury operating from Iran, Thallium operating from North Korea, and two actors operating from Russia we call Yttrium and Strontium

"Since the launch of Microsoft AccountGuard last August, we have uncovered attacks specifically targeting organizations that are fundamental to democracy," he continued.

"We have steadily expanded AccountGuard, our threat notification service for political campaigns, parties, and democracy-focused non-governmental organisations (NGOs), to include 26 countries across four continents."

The company recorded nearly 800 instances of cyber attacks launched against political organisations, with 95 per cent of them targeting US-based institutions and bodies.

Some of these organisations include NGOs and think tanks. Burt said the attacks "reflect a pattern that we also observed in the early stages of some previous elections".

He said: "In this pattern, a spike in attacks on NGOs and think tanks that work closely with candidates and political parties, or work on issues central to their campaigns, serve as a precursor to direct attacks on campaigns and election systems themselves.

"We saw such attacks in the U.S. presidential election in 2016 and in the last French presidential election.

"In 2018 we announced attacks targeting, among others, leading U.S. senatorial candidates and think tanks associated with key issues at the time." Earlier this year we saw attacks targeting democracy-focused NGOs in Europe close to European elections."

He expects to see more attacks targeting US election systems, political campaigns or NGOs that work closely with campaigns as the 2020 elections come closer.