Technology Record - Issue 28: Spring 2023

campaign operation infrastructure,” says Burt. “At the same time, cybercriminals are becoming more frugal.” The Microsoft Digital Defense Report 2022 highlights that, to lower their overheads and boost the appearance of legitimacy, attackers are compromising business networks and devices to host phishing campaigns, malware, and mine cryptocurrency. Some of the most common and aggressive attacks come in the form of ransomware and extortion. The report warns that ransomware attacks pose an increased danger to all individuals as critical infrastructure, businesses of all sizes, and state and local governments are targeted by criminals leveraging a growing cybercriminal ecosystem. “Attackers will innovate – our response in the defender community needs to be thoughtful and strategic,” says Alex Weinert, vice president of identity security at Microsoft, in a recent blog post. “But we don’t need to panic. We can take as an example ransomware attacks. These are scary and grab headlines because of crippling work stoppages or huge ransoms. But... if you read all the attention-grabbing headlines, you’ll find that most novel techniques rely on compromising identity first. This shows the 51