lazarusholic


Microsoft Digital Defense Report 2022

2022-11-07, Microsoft
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us
Microsoft_Digital_Defense_Report_2022.pdf, 19.5 MB
#Trend #Cerium #Copernicium #Osmium #Plutonium #Zinc #DEV-0215

Illuminating the threat landscape and empowering a digital defense.

Contents

The data, insights, and events in this report are from July 2021 through June 2022 (Microsoft fiscal year 2022), unless otherwise noted.

For the best experience viewing and navigating this report, we recommend using Adobe Reader, available as a free download from the Adobe website.

Report Introduction

The State of Cybercrime
  An overview of The State of Cybercrime
  Introduction
  Ransomware and extortion: A nation-level threat
  Ransomware insights from front-line responders
  Cybercrime as a service
  The evolving phishing threat landscape
  A timeline of botnet disruption from Microsoft’s early days of collaboration
  Cybercriminal abuse of infrastructure
  Is hacktivism here to stay?

Nation State Threats
  An overview of Nation State Threats
  Introduction
  Background on nation state data
  Sample of nation state actors and their activities
  The evolving threat landscape
  The IT supply chain as a gateway to the digital ecosystem
  Rapid vulnerability exploitation
  Russian state actors’ wartime cyber tactics threaten Ukraine and beyond
  China expanding global targeting for competitive advantage
  Iran growing increasingly aggressive following power transition
  North Korean cyber …

Devices and Infrastructure

Cyber Influence Operations

IoC
