Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers.
The tech giant said Wednesday that the victims were either targeted or compromised by hackers working for a foreign government. In almost all cases, Microsoft said, enterprise customers were the primary targets — such as businesses and corporations. About one in 10 victims are consumer personal accounts, the company said.
Microsoft said its new data, revealed at the Aspen Security Forum in Colorado, demonstrates the “significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives.”
On top of that the company also said it has made 781 notifications of state-sponsored attacks on organizations using its AccountGuard technology, designed for political campaigns, parties and government institutions.
Almost all of the attacks targeted U.S.-based organizations, the company said, but a spokesperson would not disclose the percentage of successful attacks.
Most of the attacks were traced back to activity by hacking groups believed to be associated with Russia, North Korea and Iran.
One such group, the so-called APT 33 group operating out of Iran — which Microsoft calls Holmium — has been in Microsoft’s cross-hairs before. In March the company said the Tehran-backed hackers stole corporate secrets and destroyed data in a two-year-long hacking campaign.
Weeks later the company sued to obtain a restraining order for another Iranian hacker group, APT 35, or Phosphorus. A year earlier it took similar legal action against Russian hackers, known as APT 28, or Fancy Bear, which was blamed for disrupting the 2016 presidential election.
“Cyber-attacks continue to be a significant tool and weapon wielded in cyberspace. In some instances, those attacks appear to be related to ongoing efforts to attack the democratic process,” said Microsoft’s customer security chief Tom Burt in a blog post.
Microsoft said it expects to see the “use of cyber-attacks to specifically target democratic processes” ahead of the upcoming 2020 presidential election.