Oct. 23, 2025
A multinational technology organisation, Microsoft on Thursday revealed that the global cybersecurity landscape had reached critical levels, driven by the acceleration of Artificial Intelligence (AI) and geopolitical conflicts.
Microsoft Chief Security Advisor for Africa, Kerissa Varma, told newsmen at a virtual media roundtable that these are the findings of its Digital Defence Report (MDDR) released in October 2025.
Varma said that the report, which leveraged Microsoft’s unparalleled vantage point, processed a staggering 100 trillion security signals and screened 5 billion emails daily.
She said that the report emphasised a strategic shift in cyber defense, urging a move from reactive protection to proactive, anticipatory resilience.
Varma said that the MDDR 2025 clearly outlined three key trends shaping the threat landscape.
“Adversaries are targeting data; most attacks are for money, and adversaries are using AI to scale and tailor operations.
“Analysis of incident response engagements revealed that the primary motivations for cyber attacks remain financial and intellectual property theft.
“Data theft accounts for the largest share of identified motivations at 37 per cent; extortion follows closely at 33 per cent; destruction and human-operated ransomware make up 19 per cent,’’ she said.
According to her, the public sector and consumer and industrial products sectors are identified as the two global sectors most impacted by threat actors, followed by professional services and consulting.
She said that AI was rapidly evolving the capabilities of both cyber attackers and defenders.
Varma said that on the attack side, the MDDR 2025 showed that AI-automated phishing had proven to be an alarming development.
According to her, the report notes a 4.5-times increase in the likelihood of clicking on a phishing email when it is AI-automated, compared to standard attacks.
She said that, furthermore, the profitability of attack increased by 50 times for AI-enabled phishing, incentivising its widespread use.
Varma said that attackers are also employing email bombing to flood mailboxes, effectively hiding security alerts and creating urgency.
She said that, however, the MDDR 2025 noted that AI was also transforming cyber defence by automating response and containment, and detecting threats faster and more accurately.
She added that AI was also helping in identifying detection gaps and adapting to attacker behaviour.
Varma highlighted Microsoft’s deep integration of AI to secure identity systems, cloud workloads and even AI agents themselves.
According to her, this advanced defence capability was demonstrated in a critical incident where a ransomware attack with potential global impact was stopped under two minutes.
Varma said that the report also raised a strategic concern regarding remote Information Technology workers, warning that companies may inadvertently be hiring their own attacker.
She said that the report provided critical Pre-Hire Vetting Tips, including verifying all resume details, checking for multiple social media profiles and requiring multiple video calls to confirm identity.
According to her, post-monitoring of remote workers is also recommended, specifically watching for unauthorised tools, geographic anomalies and camera avoidance during remote work.
Varma said on the geopolitical front, the report indicated that nation-state actors are expanding operations, often leveraging AI and specifically targeting critical infrastructure.
She advocated for a stronger global deterrent strategy, including the regular public attribution of cyber attacks, signaling “red lines,” and imposing diverse consequences.
“In a regional sample of nation-state activity, Africa accounted for 150 observed attacks. Egypt and South Africa were the most targeted nations, both at 21 per cent, followed by Ethiopia at 13 per cent.
“Nigeria accounted for 5 per cent of the observed nation-state attacks in the region.’’
The Microsoft security boss emphasised that cybersecurity was no longer just a technical issue, it was also a strategic one that must be managed at the boardroom level.
Its security portfolio, she said, spanned products like Microsoft Defender, Microsoft Sentinel and Microsoft Purview; integrating security, identity, privacy and compliance simultaneously. (NAN)
