Russia-based hackers are responsible for the majority of nation-state attacks on Microsoft customers, according to new data from company.

Microsoft Corp has issued 13,000 alerts about nation-state hacking attempts to its customers in the last two years, with 52% of incidents between July 2019 and June 2020 related to Russian hackers - whose targets have ranged from elections to the Olympics, according to a report published Tuesday. Iran was responsible for a quarter of the alerts while China was responsible for 12%. The remainder of the nation-state activity observed by Microsoft came from North Korea and other countries.

Russian hackers have targeted elections and political organisations in multiple countries, as well as non-profit groups, professional services and higher education, according to Microsoft. Kremlin-linked hackers also tried to break into 16 sporting and anti-doping organisations on three continents amid doping investigations into Russia athletes.

“We see nation-state actors constantly evolving, trying new techniques,” said Tom Burt, a vice president at Microsoft. “As it stands today the attackers are winning in that they are so well resourced, so determined and so agile.” Foreign hackers have continued to target organisations related to American politics in recent weeks, he said.

Iranian hackers have also been prolific, stepping up the volume of their attacks in the last six months, according to Burt. In August 2019 alone, Iranian hackers attacked 241 Microsoft accounts associated with a US presidential campaign, current and former US officials, political journalists and well-known Iranians living abroad, the report said. While only four of these attacks were successful, Microsoft anticipates an increase activity as the US election approaches.

Hackers based in China have “attempted to gain intelligence on organisations associated with the upcoming US presidential election”, according to Microsoft. Those hackers have also been active in cyberattacks related to medical research. Among multiple attempts to hack medical research institutions in the US and Asia, China-based hackers attacked an unnamed US university that was researching a coronavirus vaccine in March.

Microsoft has observed 16 nation-state actors targeting customers involved in the global Covid-19 response efforts. Targets of these attacks have included global medical relief and humanitarian aid groups along with government health-care organisations.

China was also a victim of attacks that sought to leverage the pandemic. “China, the United States, and Russia were hit the hardest, but every country in the world saw at least one Covid-19-themed attack, with the volume of successful attacks in outbreak-hit countries increasing as fear and the desire for information grew,” the Microsoft report said.

Hospitals and other entities have also been hit with ransomware - in which files are locked from users until payment is made. Ransomware is the “most problematic” and “fastest growing” threat in cybercrime, Burt said.

 - Bloomberg