Russia's cyber attacks against NATO nations rise by 25% in 2025, Microsoft analysis finds

Amid the war in Ukraine, Russia has increased its cyber-attacks on Nato nations by 25 per cent over the past year. According to the latest analysis by Microsoft, nine of the top 10 countries most affected by Russian state cyber-activity were members of the Nato alliance. The attacks are coming at a time when the Kremlin has escalated its “hybrid war” against European countries.

The tech giant noted that these attacks against NAO nations increased by a quarter compared with the previous year. As per their assessment, the US was the most targeted region, at 20 per cent of all attacks, followed by the UK at 12 per cent and Ukraine, the only non-Nato member in the top 10.

While Microsoft declined to give exact details of Russian state hostility, they maintained that most of these attacks targeted the government sector, followed by research and academia, and thinktanks and non-governmental organisations. Amy Hogan-Burney, a vice-president for cybersecurity policy at Microsoft, said the company expected to “continue to see activity across many Nato-based areas”.

More from Tech

Did PM Modi really promise Trump to stop buying Russian oil? UK faces growing threats from Russia, Iran, China and extremist groups, warns MI5 chief

Meanwhile, experts and politicians warned that Russia is conducting “ hybrid warfare” – the term for a range of unconventional tactics such as drone incursions, sabotage or cyber-attacks that occupy a “grey zone” between peace and war – against Nato members.

The victims of the attack

Last month, Eliza Manningham-Buller, former head of British spy agency MI5, warned that the UK may already be at war with Russia because of the intensity of cyber-attacks and other hostile activity orchestrated by Moscow against the UK. Buller said it was a “different sort of war, but the hostility, the cyber-attacks, the physical attacks, the intelligence work is extensive”.

Some of the other Nato nations were severely affected by Russia-linked incidents in Poland. The country recently witnessed 19 unarmed Russian drones crossing into its airspace last month. Meanwhile, Denmark was forced to close its airports due to unidentified drones. In another incident last month, Nato intercepted three Russian MiG-31 fighter jets that violated Estonia’s airspace over the Baltic Sea in a 12-minute incursion.

Microsoft added in its annual digital defence report that Russia was using the country’s highly active cybercriminal community to carry out its aims. It is pertinent to note that Russia’s cybercrime is most commonly associated with ransomware attacks, which have crippled businesses and public bodies around the world.

Impact Shorts

More Shorts

What are verified UPI IDs that India's market regulator has rolled out for investors?

Google announces world’s largest AI and data hub in Visakhapatnam, to invest $15 bn in 5 years

In its latest assessment, the tech giant noted that it had observed the Russian state tapping the cybercrime ecosystem for access to targets, using its malicious software or as proxies for carrying out attacks. Jamie MacColl, a senior research fellow at the Royal United Services Institute (Rusi) thinktank, told The Guardian that while the revelation is concerning, it is not surprising.

“It is not surprising, given the general uptick in Russian covert, and sometimes overt, action against Nato member states over the past 12 months. The way states use their cyber operations mirrors their broader approach to statecraft, so it makes sense these attacks are increasing," MacColl said.