Microsoft has published its Digital Defense Report 2025, which shows that over 52% of all cyberattacks worldwide are aimed at extortion or involve ransomware programs. Only 4% of attacks are linked to cyber espionage.
Every day, Microsoft processes more than 100 trillion security signals, blocks 4.5 million malware infection attempts, and scans up to 5 billion emails for phishing threats. The company notes that artificial intelligence accelerates both the creation of phishing attacks and the tools for detecting them.
In the first half of 2025, Ukraine ranked fifth in the world and third in Europe among the countries most frequently targeted by cyberattacks. About 9.5% of all recorded incidents in the European region occurred in Ukraine. According to Microsoft representative Renate Strazdina, the country is demonstrating rapid development in cybersecurity and building a “digital resilience that inspires far beyond its borders.”
Hospitals, schools, and local authorities — often with limited cybersecurity resources — are among the primary targets of attackers. Microsoft emphasizes the need to modernize security systems and implement multi-factor authentication (MFA), which can prevent over 99% of account-targeted attacks.
Microsoft notes that most attacks today are carried out by organized cybercriminals exploiting vulnerabilities for financial gain. In 80% of cases, their goal is data theft. Despite the dominance of cybercriminals, state actors from China, Russia, Iran, and North Korea continue attacks ranging from espionage to attempts at financial gain.
The company calls on governments and businesses to collaborate more closely, strengthen security standards, and share threat intelligence through the Secure Future Initiative.
