{"id":4165,"date":"2021-10-07T14:34:07","date_gmt":"2021-10-07T14:34:07","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/?p=4165"},"modified":"2024-01-31T17:37:19","modified_gmt":"2024-01-31T17:37:19","slug":"microsoft-digital-defense-report-2021","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/","title":{"rendered":"Microsoft Digital Defense Report 2021"},"content":{"rendered":"<div class=\"col-md-12 pr-lg-5 pb-2\">\n<p>The year 2021 brought powerful reminders that to protect the future we must understand the threats of the present. This requires that we continually share data and insights in new ways. Certain types of attacks have escalated as cybercriminals change tactics, leveraging current events to take advantage of vulnerable targets and advance their activity through new channels. Change brings opportunity\u2014for both attackers and defenders\u2014and this report focuses on the threats that are most novel and relevant to the community.<\/p>\n<p>Looking at the threat landscape, along with data and signals from cross-company teams, five top-level areas emerged as most critical to bring into the sharpest focus in this report: the state of cybercrime; nation state threats; supplier ecosystems, Internet of Things (IoT), and operational technology (OT) security; the hybrid workforce; and disinformation.<\/p>\n<p id=\"The state of cybercrime\"><strong>The state of cybercrime<\/strong><\/p>\n<p>In this chapter, we discuss new developments in the cybercrime economy and the growing market for <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/shifting-tactics-fuel-surge-in-business-email-compromise\/\">cybercrime services<\/a>. We provide updates and analysis of what we are seeing in <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/threat-briefs\/ransomware-as-a-service\/\">ransomware and extortion<\/a>, phishing and other malicious email, malware, and the use of domains by cybercriminals, presenting recommendations for mitigating risk in each area. Finally, we share what we\u2019re seeing in adversarial machine learning and what we are doing to stay ahead of cybercriminals in this area.<\/p>\n<p id= \"Nation state threats\"><strong>Nation state threats<\/strong><\/p>\n<p>This chapter provides an update on what we\u2019re seeing in <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#threat-actor-insights\">nation state adversarial activity<\/a>, including reports on seven activity groups we have not previously mentioned publicly. We provide an analysis of the evolving threats in this watershed year with an increased focus on on-premises servers and the exposure of widespread supply chain vulnerabilities. We conclude with a discussion about private sector offensive actors and our guidance for comprehensive protections.<\/p>\n<p id=\"Supply chain, IoT, and OT security\"><strong>Supply chain, IoT, and OT security<\/strong><\/p>\n<p>The highly publicized events of the last year have made clear that securing and managing risks associated with <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/threat-briefs\/industry-expert-weighs-in-on-security-in-manufacturing\/\" rel=\"noopener\">supplier ecosystems<\/a> is critically important. This chapter covers some current challenges in doing so in the supplier ecosystem and presents how Microsoft thinks about end-to-end supply chain security in nine investment areas. Then we turn our discussion to what we\u2019re seeing in the <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/cyber-signals\/cyber-signals-issue-3-the-convergence-of-it-and-ot\/\" rel=\"noopener\">Internet of Things (IoT) and operational technology (OT)<\/a> threat landscape, with guidance on the properties of highly secured devices. We include specialized use cases of IoT and present some new research informing IoT policy considerations.<\/p>\n<p id =\"Hybrid workforce security\"><strong>Hybrid workforce security <\/strong><\/p>\n<p>This chapter is about our greatest asset, our people. As we have moved to a hybrid workforce over the past year, we\u2019ve seen developments in the threat landscape which point to the importance of adopting a <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener\">Zero Trust<\/a> approach. We include threat signals and other data across the six pillars of Zero Trust\u2014identities, endpoints, applications, network, infrastructure, and data\u2014and provide guidance based on what we\u2019re seeing. We conclude with discussions about insider threats in hybrid work environments, and an empathy imperative for managing the new and significant challenges encountered by today\u2019s workforce.<\/p>\n<p id =\"Disinformation\"><strong>Disinformation <\/strong><\/p>\n<p>This chapter addresses the unprecedented disinformation campaigns and related <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/threat-briefs\/propaganda-in-the-digital-age\/\" rel=\"noopener\">cyber operations<\/a> by state and non-state actors, impacting public awareness and knowledge as well as enterprise operations. We look at some parallels in cybersecurity and discuss mitigation through media literacy. We include a discussion on disinformation as an enterprise disruptor, providing a four-point plan for enterprise executives. The chapter concludes with an in-depth exploration of political campaign security and election integrity, two areas that have been targeted by disinformation campaigns.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge. <\/p>\n","protected":false},"author":31,"featured_media":4169,"comment_status":"open","ping_status":"open","sticky":false,"template":"single-post.php","format":"standard","meta":{"footnotes":""},"categories":[163,158],"tags":[154,147,143],"industries":[],"threat_actor_groups":[],"countries":[],"industries_targeted":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.1 (Yoast SEO v21.0) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft Digital Defense Report 2021 | Security Insider<\/title>\n<meta name=\"description\" content=\"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Digital Defense Report 2021 | Security Insider\" \/>\n<meta property=\"og:description\" content=\"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Insider\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-07T14:34:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-31T17:37:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-content\/uploads\/2023\/10\/MSFT-SI-MDDR-WebAssets-R02V01_375x234_MSFTInsider_Article_Hero_Mobile_MDDR_2021.png\" \/>\n\t<meta property=\"og:image:width\" content=\"750\" \/>\n\t<meta property=\"og:image:height\" content=\"468\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Microsoft Threat Intelligence\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Threat Intelligence\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/\",\"name\":\"Microsoft Digital Defense Report 2021 | Security Insider\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#website\"},\"datePublished\":\"2021-10-07T14:34:07+00:00\",\"dateModified\":\"2024-01-31T17:37:19+00:00\",\"author\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/515c229d22a0367daea09bee76f594b4\"},\"description\":\"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Homepage\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Reports\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/category\/reports\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Digital Defense Reports\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/category\/reports\/microsoft-digital-defense-reports\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Microsoft Digital Defense Report 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/\",\"name\":\"Security Insider\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/515c229d22a0367daea09bee76f594b4\",\"name\":\"Microsoft Threat Intelligence\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/794f64ce95196f6b2278aab98edf1ddd?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/794f64ce95196f6b2278aab98edf1ddd?s=96&d=mm&r=g\",\"caption\":\"Microsoft Threat Intelligence\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/author\/microsoft-threat-intelligence\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Microsoft Digital Defense Report 2021 | Security Insider","description":"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Digital Defense Report 2021 | Security Insider","og_description":"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/","og_site_name":"Security Insider","article_published_time":"2021-10-07T14:34:07+00:00","article_modified_time":"2024-01-31T17:37:19+00:00","og_image":[{"width":750,"height":468,"url":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-content\/uploads\/2023\/10\/MSFT-SI-MDDR-WebAssets-R02V01_375x234_MSFTInsider_Article_Hero_Mobile_MDDR_2021.png","type":"image\/png"}],"author":"Microsoft Threat Intelligence","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Microsoft Threat Intelligence","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/","name":"Microsoft Digital Defense Report 2021 | Security Insider","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#website"},"datePublished":"2021-10-07T14:34:07+00:00","dateModified":"2024-01-31T17:37:19+00:00","author":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/515c229d22a0367daea09bee76f594b4"},"description":"The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/reports\/microsoft-digital-defense-reports\/microsoft-digital-defense-report-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Homepage","item":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/"},{"@type":"ListItem","position":2,"name":"Reports","item":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/category\/reports\/"},{"@type":"ListItem","position":3,"name":"Microsoft Digital Defense Reports","item":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/category\/reports\/microsoft-digital-defense-reports\/"},{"@type":"ListItem","position":4,"name":"Microsoft Digital Defense Report 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/","name":"Security Insider","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/515c229d22a0367daea09bee76f594b4","name":"Microsoft Threat Intelligence","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/794f64ce95196f6b2278aab98edf1ddd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/794f64ce95196f6b2278aab98edf1ddd?s=96&d=mm&r=g","caption":"Microsoft Threat Intelligence"},"url":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/author\/microsoft-threat-intelligence\/"}]}},"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/posts\/4165"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/comments?post=4165"}],"version-history":[{"count":4,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/posts\/4165\/revisions"}],"predecessor-version":[{"id":4181,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/posts\/4165\/revisions\/4181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/media\/4169"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/media?parent=4165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/categories?post=4165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/tags?post=4165"},{"taxonomy":"industries","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/industries?post=4165"},{"taxonomy":"threat_actor_groups","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/threat_actor_groups?post=4165"},{"taxonomy":"countries","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/countries?post=4165"},{"taxonomy":"industries_targeted","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/business\/security-insider\/wp-json\/wp\/v2\/industries_targeted?post=4165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}