Microsoft has completed an analysis of recent cyberattacks, finding that they’ve been increasing, and that the government sector has been the most targeted over the course of the pandemic.  The report showed that the United States was the most frequently attacked country, making up 46% of all attacks, far ahead of second-place Ukraine, which was the target of 19% of attacks.  Unsurprisingly given the targets, most of the cyberattacks (58%) originated in Russia.  This includes two of the recent breaches that were in the news, SolarWinds and the Colonial Pipeline.

The report from Microsoft does note that while most of the hacks originated from Russia, only two percent of the Russian attacks targeted critical infrastructure.  This in comparison to countries like Iran and China, which targeted critical infrastructure in eight and 13 percent of attacks, respectively.

Hackers are also doing a better job of masking their intent.  Rather than specifically going after information like state secrets, attacks have appeared to be under the guise of more standard criminal activity and have also shown less regard for collateral damage in attacks.

This is all amid reports that 2021 had more data breaches, costs, and impacts than previous years.  For starters, the average cost of an attack hit $4.24 million in 2021, which is the highest that figure has been in 17 years.  Factors such as using artificial intelligence, encryption, and security analytics helped to drive down the cost of a breach, but pandemic factors like having a remote workforce drove the cost back up.

The increase in cyberattacks, particularly attacks that target infrastructure as with the Colonial Pipeline, prompted US President Joe Biden to issue an Executive Order focused on enhancing cybersecurity.  There’s more than just the Executive Order though, as last week, the United States government announced that it would sue government contractors that fail to report a breach.  The government wants to be sure that it’s never more beneficial for a company to hide a breach, particularly when taxpayer dollars are involved.  The Justice Department also says it will protect whistleblowers in bringing forward reports of cyberattacks.

Extract isn’t a cybersecurity firm, but we do have a mission to keep your constituents’ personally identifiable information safe.  Whether you have files that you post online for public access or if you store them internally, Extract’s ID Shield software can read through millions of documents just like your staff would, safely and securely redacting any sensitive information.  If you’d like to learn more about how redaction can keep your data safe, please reach out.

About the Author: Chris Mack

Chris is a Marketing Manager at Extract with experience in product development, data analysis, and both traditional and digital marketing. Chris received his bachelor’s degree in English from Bucknell University and has an MBA from the University of Notre Dame. A passionate marketer, Chris strives to make complex ideas more accessible to those around him in a compelling way.