Extortion and ransomware drive over half of cyberattacks - Microsoft On the Issues

Microsoft’s 2025 Digital Defense Report reveals that 80% of investigated cyber incidents involved data theft, with over half driven by financial motives such as extortion or ransomware, while only 4% focused on espionage. The report highlights the growing accessibility of cybercrime tools, AI-powered attacks, and the surge in identity-based breaches—97% of which stem from password attacks. Critical infrastructure sectors remain prime targets due to their limited defences, while nation-state actors, particularly from China, Russia, Iran, and North Korea, continue expanding operations for espionage and financial gain. Microsoft stresses that cybersecurity must now be treated as a strategic, shared responsibility across governments and industries, requiring AI-enabled defences, collaboration, and widespread adoption of phishing-resistant multifactor authentication.