Microsoft Digital Defense Report 2025

web

Microsoft·microsoft.com/en-us/security/security-insider/threat-land...

Credibility Rating

4/5

High(4)

High quality. Established institution or organization with editorial oversight and accountability.

Rating inherited from publication venue: Microsoft

This annual industry report from Microsoft is relevant to AI safety discussions around dual-use AI capabilities, the offensive use of AI by threat actors, and governance challenges in securing AI-enabled infrastructure at scale.

Metadata

Importance: 52/100organizational reportanalysis

Summary

Microsoft's 2025 Digital Defense Report analyzes the current cyber threat landscape, highlighting how AI is accelerating both offensive and defensive capabilities. It documents the industrialization of cybercrime, the 87% rise in destructive cloud attacks, and the increasing role of nation-state actors, while calling for innovation, resilience, and cross-sector collaboration as defensive priorities.

Key Points

•AI-driven phishing is 3x more effective than traditional campaigns; threat actors increasingly use AI to scale attacks and automate intrusions.
•Destructive cloud campaigns rose 87%; adversaries are targeting cloud infrastructure requiring Zero Trust and resilience-by-design approaches.
•Cybercrime-as-a-service is proliferating, with access brokers selling entry to thousands of organizations, industrializing the criminal economy.
•Microsoft blocked $4B in fraud and 1.6M fake account sign-ups per hour, illustrating the scale at which AI-powered defenses must operate.
•Over 40% of ransomware attacks have a hybrid component; nation-state actors are expanding their role alongside financially motivated criminals.

Cited by 1 page

Page	Type	Quality
Cyberweapons Risk	Risk	91.0

Cached Content Preview

HTTP 200Fetched Mar 20, 202617 KB

This is the Trace Id: 2110fc07fff8c4999ba75a793ec6afb6

Skip to main content

Join RSAC executive panel session on March 24 “AI agents are here! Are you ready?”.

[Register now](https://go.microsoft.com/fwlink/?linkid=2354415&clcid=0x409&culture=en-us&country=us)

# Microsoft Digital Defense Report 2025

[Download the report](https://go.microsoft.com/fwlink/?linkid=2338388&clcid=0x409&culture=en-us&country=us) [Download the executive summary](https://go.microsoft.com/fwlink/?linkid=2339002&clcid=0x409&culture=en-us&country=us) [Share](https://www.microsoft.com/en-us/security/security-insider/threat-landscape/microsoft-digital-defense-report-2025#modal-dialog)

![A blue spiral-shaped object against a neutral background.](https://cdn-dynmedia-1.microsoft.com/is/image/microsoftcorp/144805_SCI-Hero-Thumbnail-752x580?resMode=sharp2&op_usm=1.5,0.65,15,0&wid=1504&qlt=100&fit=constrain)

## The state of cyber defense

We are living through a defining moment in cybersecurity, where digital transformation and AI are pushing threats to new levels of speed, scale, and sophistication. Cyberattacks are no longer isolated IT issues; they shape economies, geopolitics, and public trust.

While defenders are already using AI to block billions in fraud, compress response times from hours to minutes, and scale protections globally, meeting this moment requires innovation to stay ahead of adversaries, resilience to recover from inevitable attacks, and partnership to strengthen culture and collaboration across industries and governments.

This is not a retrospective. It is a call to action: the threats are compounding, the timelines for attack and therefore response are shrinking, and the stakes extend far beyond IT systems.  They reach into global stability, business continuity, and public trust.

This year’s report highlights the most pressing themes in today’s threat landscape, for example the increased use of AI by threat actors, the proliferation of infostealers, and the growth of cybercrime as a service, and the expanding role of nation-state threat actors. Alongside the data, it outlines clear defensive priorities, from strengthening identity and cloud resilience to disrupting criminal supply chains and building stronger partnerships.

Key themes

## Key themes

- ### Innovation
















Threat actors are turning to AI to scale phishing and automate intrusions. Defenders must innovate just as quickly—using AI, automation, and secure-by-default practices—to stay ahead. Last year, Microsoft thwarted $4 billion in fraud attempts and blocked 1.6 million bot-driven or fake account sign-ups every hour, demonstrating the scale of defenses needed to match the pace of adversaries.

- ### Resilience
















Adversaries are increasingly attacking the cloud, with destructive campaigns up 87%. Resilience means operating through attacks, aided by security engineered into systems, supply chains, and governance. Security teams should follow the Zero Trust concep

... (truncated, 17 KB total)

Resource ID: 31a6292dc5d9663b | Stable ID: ZWE2YmEwM2