Russian or Russia-linked cyberattacks in 2025 primarily targeted Ukraine and NATO member states, according to Microsoft’s annual Digital Defense Report, published on Thursday.
“Russian state actors have expanded their target scope this year to infiltrate networks and devices primarily in Ukraine and NATO member countries,” the report stated, disinfo reports.
According to Microsoft, the ten most targeted countries by Russian or Russia-affiliated groups were all NATO members, except Ukraine, Agerpres reports.
The tech company recorded a 25% increase in cyberattacks attributed to Russian actors compared to the previous year, though it did not disclose the total number of incidents.
Ukraine remains the primary target
Ukraine continues to rank as the most targeted country, accounting for 25% of all detected cyberattacks. The report also notes a shift in Russia-linked groups’ focus — from large institutions to small businesses in countries allied with Kyiv.
“Russian state actors may view these smaller entities as more resource-efficient entry points that can be used to access larger organizations,” Microsoft explained.
Outside Ukraine, the threat is largely limited to cyber espionage, the report adds.
Government agencies remain the most targeted organizations, followed by the research and education sectors, which have seen an increase in attacks. NGOs and think tanks rank third among the preferred targets of Russian-linked hackers.