The Baltic States are not among the countries that are most frequently targeted by cyberattacks, the Microsoft NTO Europe North Multi-country Cluster representative told LETA, according to LETA.
However, as noted by Renate Strazdina, a representative of the company, criminals do not rest — they quickly master the latest technologies, including artificial intelligence, to refine and accelerate their methods of operation.
According to the Microsoft Digital Security Report for the first half of 2025, Latvia ranked 64th globally among countries whose users were most frequently targeted by cyberattacks. Estonia ranked 63rd, and Lithuania ranked 53rd.
According to Strazdina, changes are being observed: cybercriminals are increasingly targeting not only government institutions but also small and medium-sized enterprises, often acting through state-supported groups.
Microsoft emphasizes that hospitals, educational institutions, and local governments are increasingly becoming targets of cyberattacks, as they have access to confidential data, while cybersecurity resources are typically limited. The consequences of such attacks can hinder medical services, disrupt the educational process, and halt public transportation. Ransomware creators exploit these vulnerabilities, as representatives of these sectors often quickly pay ransoms to restore services as soon as possible.
The report data indicate that over 52% of targeted cyberattacks are carried out using ransomware and extortion, while espionage attacks account for 4% of all cybercrimes.
Modern cybercriminals are mostly criminals seeking opportunities for financial gain, rather than state-supported hackers. In 80% of cases, the targets of criminals are personal data, highlighting the universal nature of this threat, the company notes.
However, according to Microsoft, although most cyberattacks are carried out by criminals, state-supported groups continue to deliberately attack strategically important sectors and regions, primarily for espionage purposes, but often also for financial gain.
Both criminals and security specialists are increasingly using artificial intelligence. Cybercriminals use it to automate phishing and create artificial content, while specialists use it to address shortcomings in attack detection and user protection.
Microsoft emphasizes that as cyber threats become more complex, organizations need to continuously improve their protective solutions and share the information obtained. States, in turn, must develop clear regulations that provide real consequences for malicious actions and promote greater transparency among the parties involved.
The report data also show that outdated protective measures are no longer sufficiently effective. Modernizing protective systems and close cooperation between the industry and government institutions are critically important for strengthening cybersecurity.
At an individual level, the use of multi-factor authentication, especially phishing-resistant solutions, can prevent over 99% of identity theft and related attacks, Microsoft notes.
