Intelligence reports

The 2024 edition of the Microsoft Digital Defense Report examines the evolving cyber threats from nation-state threat groups and cybercriminal actors, provides new insights and guidance to enhance resilience and strengthen defenses, and explores generative AI's growing impact on cybersecurity.

The CISO Executive Summary provides an introduction by Microsoft CISO Bret Arsenault and gives an in-depth, narrative-style summary, highlighting key points of interest for modern chief information security officers. 

The latest edition of the Microsoft Digital Defense Report explores the evolving threat landscape and walks through opportunities and challenges as we become cyber resilient.

The Executive Summary provides an introduction on the threat landscape by Tom Burt, along with the top headlines from the reports five main chapters: The State of Cybercrime; Nation State Threats; Critical Cybersecurity Challenges; Innovating for Security and Resilience; and Collective Defense. 

In the 2022 edition of the Microsoft Digital Defense Report, Microsoft security experts illuminate today’s threat landscape, providing insights on emerging trends as well as historically persistent threats in the 2022 Microsoft Digital Defense Report.

The 2021 edition Microsoft Digital Defense Report draws on insights, data, and more from trillions of daily security signals from across Microsoft, including the cloud, endpoints, and the intelligent edge.

Introducing the Microsoft Digital Defense Report, a reimagining of the annual Microsoft Security Intelligence Report (SIR) published since 2005.

As the 2024 US presidential election cycle approaches its final weeks, Microsoft Threat Intelligence anticipates increased foreign influence activity leading up to Election Day. Learn how Russia, Iran, and China may attempt to sow doubt about the election's integrity by amplifying claims of fraud or rigging.

In a special report on cyber influence operations targeting the 2024 U.S. presidential election cycle, Microsoft Threat Intelligence examines Russian campaigns aimed at manipulating public opinion and sowing political discord.

Cyber-enabled influence operations targeting the 2024 US election season are already underway. Microsoft Threat Intelligence has observed an increase in foreign influence activity from actors backed by Iran, Russia, and China. Learn how these groups are using generative AI and other tactics to manipulate public opinion and sow discord.

Russian influence actors are adding AI to a decades-long legacy of disinformation aimed at the Olympic Games. Attempts to smear the reputation of the International Olympic Committee at this summer’s games in Paris, as well as multiple efforts to create an expectation of violence during the event, are expected to intensify as the games near.

Microsoft Threat Intelligence has observed several key cyber and influence trends from China and North Korea since June 2023 that demonstrate not only doubling down on familiar targets, but also attempts to use more sophisticated influence techniques to achieve their goals.

Discover details of Iran’s cyber-enabled influence operations supporting Hamas in Israel. Learn how operations have progressed through different phases of the war, and examine the four key influence tactics, techniques, and procedures (TTPs) Iran favors most.

Russian cyber and influence operations persist as the war in Ukraine continues. Microsoft Threat Intelligence details the latest cyber threat and influence activities over the last six months.

Dive in and explore emerging trends in East Asia’s evolving threat landscape, where China conducts both widespread cyber and influence operations (IO), while North Korean cyber threat actors demonstrate growing sophistication.

Microsoft Threat Intelligence uncovered increased cyber-enabled influence operations out of Iran. Get threat insights with details of new techniques and where the potential for future threats exists.

Microsoft threat intelligence examines a year of cyber and influence operations in Ukraine, uncovers new trends in cyber threats, and what to expect as the war enters its second year.

The tax man, and phishing campaigns, cometh. Microsoft Threat Intelligence reviews what criminals target, how they get it (including details from a newly observed 2024 campaign), and the best practices for keeping businesses and individuals (especially vulnerable populations) safe.

How cyber-attacks and cyber influence operations are being used in the war between Russian and the Ukraine.

Russian threat actors have launched increasingly disruptive and visible cyberattacks against Ukraine and have included activities such as phishing, reconnaissance, and attempts to compromise public information sources.

Learn five fundamental steps to enhance your organizations cyber resilience and help protect against ransomware and other malicious cyberattacks.