
Threat actor abuse of AI accelerates from tool to cyberattack surface

2 April 2026 at 12:00

For the last year, one word has dominated the conversation at the intersection of AI and cybersecurity: speed. Speed matters, but it is not the most important shift we are observing across the threat landscape today. Threat actors, from nation states to cybercrime groups, are now embedding AI into how they plan, refine, and sustain cyberattacks. The objectives haven’t changed, but the tempo, iteration, and scale of generative AI-enabled attacks are certainly upgrading them.

However, as with defenders, there is typically still a human in the loop powering these attacks rather than fully autonomous or agentic AI running campaigns. AI is reducing friction across the attack lifecycle: helping threat actors research faster, write better lures, vibe code malware, and triage stolen data. The security leaders I spoke with at RSAC™ 2026 Conference this week are prioritizing resources and strategy shifts to get ahead of this critical progression across the threat landscape.

The operational reality: Embedded, not emerging

The scale of what we are tracking makes the scope impossible to dismiss. Threat activity spans every region. The United States alone represents nearly 25% of observed activity, followed by the United Kingdom, Israel, and Germany. That volume reflects economic and geopolitical realities.[1]

But the bigger shift is not geographic, it’s operational. Threat actors are embedding AI into how they work across reconnaissance, malware development, and post-compromise operations. Objectives like credential theft, financial gain, and espionage might look familiar, but the precision, persistence, and scale behind them have changed.

Email is still the fastest inroad

Email remains the fastest and cheapest path to initial access. What has changed is the level of refinement that AI enables in crafting the message that gets someone to click.

When AI is embedded into phishing operations, we are seeing click-through rates reach 54%, compared to roughly 12% for more traditional campaigns. That is a 450% increase in effectiveness. That’s not the result of increased volume, but the result of improved precision. AI is helping threat actors localize content and adapt messaging to specific roles, reducing the friction in crafting a lure that converts into access. When you combine that improved effectiveness with infrastructure designed to bypass multifactor authentication (MFA), the result is phishing operations that are more resilient, more targeted, and significantly harder to defend at scale.

A 450% increase in click-through rates changes the risk calculus for every organization. It also signals that AI is not just being used to do more of the same, it is being used to do it better.

Tycoon2FA: What industrial-scale cybercrime looks like

Tycoon2FA is an example of how the actor we track as Storm-1747 shifted toward refinement and resilience. Understanding how it operated teaches us where threats might be headed, and fueled conversations in the briefing rooms at RSAC 2026 this week that focused on ecosystem instead of individual actors.

Tycoon2FA was not a phishing kit; it was a subscription platform that generated tens of millions of phishing emails per month. It was linked to nearly 100,000 compromised organizations since 2023. At its peak, it accounted for roughly 62% of all phishing attempts that Microsoft was blocking every month. The operation specialized in adversary-in-the-middle (AiTM) attacks designed to defeat MFA: it intercepted credentials and session tokens in real time, allowing attackers to authenticate as legitimate users without triggering alerts, even after passwords were reset.
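The two defensive signals that follow from the paragraph above, as an added example that is not code from the Microsoft post: a session token presented from two different sources in quick succession, and a token still accepted after a password reset. The event format, the tenant name contoso.example, and the five-minute window are constructed assumptions.

```python
"""Flag session-token misuse of the kind AiTM phishing enables.

Added example, not code from the Microsoft post. It assumes a constructed,
hypothetical event format (timestamp,user,kind,token_id,source_ip) and a
hypothetical tenant "contoso.example". Two signals are derived:
  * token_replay: one session token presented from two different source IPs
    within a short window (the stolen token used alongside the victim's own)
  * session_survived_reset: a token still accepted after the user's password
    was reset, which is why revoking sessions must accompany the reset
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Event:
    ts: datetime
    user: str
    kind: str    # "SESSION_USE" or "PASSWORD_RESET"
    token: str   # session token id for SESSION_USE, empty otherwise
    ip: str


# Constructed sample telemetry (hypothetical), in time order.
SAMPLE_EVENTS = """\
2026-03-20T09:00:00Z,alice@contoso.example,SESSION_USE,tok-7f3a,198.51.100.10
2026-03-20T09:00:45Z,alice@contoso.example,SESSION_USE,tok-7f3a,203.0.113.88
2026-03-20T09:30:00Z,alice@contoso.example,PASSWORD_RESET,,198.51.100.10
2026-03-20T10:15:00Z,alice@contoso.example,SESSION_USE,tok-7f3a,203.0.113.88
2026-03-20T11:00:00Z,bob@contoso.example,SESSION_USE,tok-91c2,198.51.100.11
2026-03-20T12:00:00Z,bob@contoso.example,SESSION_USE,tok-91c2,198.51.100.11
"""


def parse_events(text):
    """Parse the constructed CSV format into Event objects."""
    events = []
    for line in text.strip().splitlines():
        ts, user, kind, token, ip = line.split(",")
        events.append(Event(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                            user, kind, token, ip))
    return events


def analyze(events, replay_window=timedelta(minutes=5)):
    """Return a list of (finding, token_id, user, source_ips) tuples."""
    by_token = defaultdict(list)
    resets = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        if e.kind == "PASSWORD_RESET":
            resets[e.user].append(e.ts)
        elif e.kind == "SESSION_USE":
            by_token[e.token].append(e)

    findings = []
    for token, uses in by_token.items():
        # Same token, different source, close together. This is a heuristic:
        # legitimate roaming between networks can look similar, so treat it
        # as a triage signal rather than proof of compromise.
        for earlier, later in zip(uses, uses[1:]):
            if earlier.ip != later.ip and later.ts - earlier.ts <= replay_window:
                findings.append(("token_replay", token, earlier.user,
                                 sorted({earlier.ip, later.ip})))
                break
        # A password reset does not invalidate an already-issued session;
        # any use of the token after the reset means sessions were not revoked.
        for use in uses:
            if any(reset_ts <= use.ts for reset_ts in resets.get(use.user, [])):
                findings.append(("session_survived_reset", token, use.user, [use.ip]))
                break
    return findings


if __name__ == "__main__":
    for finding in analyze(parse_events(SAMPLE_EVENTS)):
        print(*finding)
```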

But the technical capability is only part of the story. The bigger shift is structural. Storm-1747 was not operating alone. This was modular cybercrime: one service handled phishing templates, another provided infrastructure, another managed email distribution, another monetized access. It was effectively an assembly line for identity theft. The services were composable, scalable, and available by subscription.

This is the model that has changed the conversations this week: it is not about a single sophisticated actor; it is about an ecosystem that has industrialized access and lowers the barrier to entry for every actor that plugs into it. That is exactly what AI is doing across the broader threat landscape: making the capabilities of sophisticated actors available to everyone.

Disruption: Closing the threat intelligence loop

Our Digital Crimes Unit disrupted Tycoon2FA earlier this month, seizing 330 domains in coordination with Europol and industry partners. But the goal was not simply to take down websites. The goal was to apply pressure to a supply chain. Cybercrime today is about scalable service models that lower the barrier to entry. Identity is the primary target and MFA bypass is now packaged as a feature. Disrupting one service forces the market to adapt. Sustained pressure fragments the ecosystem. By targeting the economic engine behind attacks, we can reshape the risk environment.

Every time we disrupt an attack, it generates signal. The signal feeds intelligence. The intelligence strengthens detection. Detection is what drives response. That is how we turn threat actor actions into durable defenses, and how the work of disruption compounds over time. Microsoft’s ability to observe at scale, act at scale, and share intelligence at scale is the differentiation that matters. It makes a difference because of how we put it into practice.

AI across the full attack lifecycle

When we step back from any single campaign and look for a broader pattern, AI doesn’t show up in just one phase of an attack; it appears across the entire lifecycle. At RSAC 2026 this week, I offered a frame to help defenders prioritize their response:

  • In reconnaissance: AI accelerates infrastructure discovery and persona development, compressing the time between target selection and first contact.
  • In resource development: AI generates forged documents and polished social engineering narratives, and supports infrastructure at scale.
  • For initial access: AI refines voice overlays, deepfakes, and message customization using scraped data, producing lures that are increasingly difficult to distinguish from legitimate communications.
  • In persistence and evasion: AI scales fake identities and automates communication that maintains attacker presence while blending with normal activity.
  • In weaponization: AI enables malware development, payload regeneration, and real-time debugging, producing tooling that adapts to the victim environment rather than relying on static signatures.
  • In post-compromise operations: AI adapts tooling to the specific victim environment and, in some cases, automates ransom negotiation itself.

The objective has not changed: credential theft, financial gain, and espionage. What has changed is the tempo, the iteration speed, and the ability to test and refine at scale. AI is not just accelerating cyberattacks, it’s upgrading them.

What comes next

In my sessions at RSAC 2026 this week, I shared a set of themes that help define the AI-powered shift in the threat landscape.

The first is the agentic threat model. The scenarios we prepare for have changed. The barrier to launching sophisticated attacks has collapsed. What once required the resources of a nation-state or well-organized criminal enterprise is now accessible to a motivated individual with the right tools and the patience to use them. The techniques have not fundamentally changed; the precision, velocity, and volume have.

The second is the software supply chain. Knowing what software and agents you have deployed and being able to account for their behavior is not a compliance exercise. The agent ecosystem will become the most attacked surface in the enterprise. Organizations that cannot answer basic inventory questions about their agent environment will not be able to defend it.

The third is understanding the value of human talent in a security operation that uses agentic systems to scale. The security analyst as practitioner is giving way to the security analyst as orchestrator. The talent models organizations are hiring against today are already outdated. Technology can help protect humans who may make mistakes, but that means auditability of agent decisions is a governance requirement today, not eventually. The SOC of the future demands a fundamentally different kind of defender.

The moment to lead with strategic clarity, ranked priorities, and a hardened posture for agentic accountability is now.

If AI is embedded across the attack lifecycle, intelligence and defense must be embedded across the lifecycle too. Microsoft Threat Intelligence will continue to track, publish, and act on what we are observing in real time. The patterns are visible. The intelligence is there.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.


[1] Microsoft Digital Defense Report 2025.

The post Threat actor abuse of AI accelerates from tool to cyberattack surface appeared first on Microsoft Security Blog.


The threat to critical infrastructure has changed. Has your readiness?

31 March 2026 at 13:00

Critical infrastructure (CI) organizations underpin national security, public safety, and the economy. In 2026, the cyber threat landscape facing these sectors is structurally different than it was even two years ago. What Microsoft Threat Intelligence is observing across critical infrastructure environments right now is not a forecast. It is already happening. Threat actors are no longer focused solely on data theft or opportunistic disruption. They are establishing persistent access, footholds they can sit in quietly, undetected, and activate at the moment of maximum disruption. That is the threat CI leaders need to be preparing for today. Not someday. Now.

Given these rising threats, governments worldwide are advancing policies and regulations to require critical infrastructure organizations to prioritize continuous readiness and proactive defense. The regulatory trajectory is clear. The U.S. National Cybersecurity Strategy published in March 2023 explicitly frames cybersecurity of critical infrastructure as a national security imperative. Japan issued a basic policy to implement the Active Cyber Defense legislation in 2025. Europe continues to implement the NIS2 Directive across the essential sectors. And Canada is advancing a more prescriptive approach to critical infrastructure security through Bill C-8.

What Microsoft Threat Intelligence hears from law enforcement agencies reinforces what we observe in our own telemetry. For example, Operation Winter SHIELD is a joint initiative led by the FBI Cyber Division focused on helping CI organizations move from awareness to verified readiness. Implementation, not just awareness or policy, is what closes the gap between knowing you are a target and being ready when it matters.

The water sector offers a clear illustration of what that implementation gap looks like in practice and what it takes to close it. The findings from Microsoft, released on March 19, 2026, in collaboration with the Cyber Readiness Institute and the Center on Cyber Technology and Innovation, show that hands-on coaching paired with practical training materially improves cyber readiness in water and wastewater utilities in ways that guidance alone does not. When attacks succeed, communities face safety concerns, loss of trust, and service disruptions. That is not an abstraction. That is what is at stake across every CI sector.

To say that the environments CI organizations are defending today were not designed for the threat they are facing is an understatement. Legacy systems now operate within hybrid IT–OT environments connected by cloud-based identity, remote access, and complex vendor ecosystems that did not exist when those systems were built. Identity has become the central control layer across all of it. Microsoft Threat Intelligence and Incident Response investigations show a convergence of identity-driven intrusion, living-off-the-land (LOTL) persistence, and nation-state prepositioning across CI. Against this backdrop, five facts define the resilience priorities CI leaders must address in 2026.


Five facts CI leaders can’t ignore

Today’s threat landscape reflects five structural realities: identity as the primary entry point, hybrid IT–OT architecture expanding attacker reach, nation-state pre-positioning as an ongoing concern, preventable exposure continuing to drive intrusions, and a shift from data compromise to operational disruption. Together, these dynamics are reshaping critical infrastructure resilience in 2026.

1. Identity is the dominant attack pathway into CI environments

Identity is where we see attackers start, almost every time. In CI environments, identity bridges enterprise IT and operational technology, making it the primary attack path. More than 97% of identity-based attacks target password-based authentication, most commonly through password spray or brute force techniques. As identity systems centralize access to cloud and operational assets, adversaries rely on LOTL techniques and legitimate credentials to evade detection. Because identity now governs access across these connected domains, a single compromised account can provide privileged reach into operationally relevant systems.
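To show what the password spray and brute force techniques named above look like from the defender's side, here is an added example (not code from the Microsoft post) that classifies failed sign-in activity per source and flags a later success against a sprayed account. The log format, the tenant name contoso.example, and the thresholds are constructed assumptions; the example also covers the benign case of a single mistyped password.

```python
"""Separate password spray from brute force in failed sign-in telemetry.

Added example, not code from the Microsoft post. It assumes a constructed,
hypothetical sign-in log format (timestamp,user,source_ip,result), a
hypothetical tenant "contoso.example", and illustrative thresholds.
  * brute_force: one source hammers a single account
  * password_spray: one source tries a few guesses against many accounts,
    staying under per-account lockout thresholds
A later success from the same source against a sprayed account is the signal
that a guess landed and the account needs immediate attention.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class SignIn:
    ts: datetime
    user: str
    ip: str
    result: str  # "SUCCESS" or "FAILURE"


# Constructed sample log (hypothetical). 203.0.113.7 sprays six accounts once
# each and then succeeds as frank; 198.51.100.23 brute-forces one service
# account; 192.0.2.55 is a user mistyping a password once.
SAMPLE_LOG = """\
2026-03-30T01:00:05Z,alice@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:00:09Z,bob@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:00:14Z,carol@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:00:20Z,dave@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:00:27Z,erin@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:00:33Z,frank@contoso.example,203.0.113.7,FAILURE
2026-03-30T01:02:41Z,frank@contoso.example,203.0.113.7,SUCCESS
2026-03-30T02:10:00Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T02:10:01Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T02:10:02Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T02:10:03Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T02:10:04Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T02:10:05Z,svc-hmi@contoso.example,198.51.100.23,FAILURE
2026-03-30T03:00:00Z,alice@contoso.example,192.0.2.55,FAILURE
2026-03-30T03:00:30Z,alice@contoso.example,192.0.2.55,SUCCESS
"""


def parse_log(text):
    """Parse the constructed CSV format into SignIn records."""
    records = []
    for line in text.strip().splitlines():
        ts, user, ip, result = line.split(",")
        records.append(SignIn(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                              user, ip, result))
    return records


def classify_source(events, window=timedelta(minutes=60), spray_min_users=5,
                    spray_max_per_user=2, brute_min_attempts=5):
    """Classify one source IP's sign-ins; returns (label, detail)."""
    events = sorted(events, key=lambda e: e.ts)
    failures = [e for e in events if e.result == "FAILURE"]
    for start in failures:
        # Sliding window anchored at each failure so slow, spaced-out sprays
        # are still aggregated rather than hidden by a fixed bucket boundary.
        in_window = [e for e in failures if start.ts <= e.ts <= start.ts + window]
        per_user = Counter(e.user for e in in_window)
        label = "none"
        if max(per_user.values()) >= brute_min_attempts:
            label = "brute_force"
        elif len(per_user) >= spray_min_users and max(per_user.values()) <= spray_max_per_user:
            label = "password_spray"
        if label != "none":
            # Any later success from this source for an account it failed on.
            landed = sorted({e.user for e in events if e.result == "SUCCESS"
                             and e.user in per_user and e.ts >= start.ts})
            return label, {"users": len(per_user), "failures": len(in_window),
                           "success_after_failure": landed}
    return "none", {}


def detect(log_text):
    """Return {source_ip: finding} for every source that matches a pattern."""
    by_ip = defaultdict(list)
    for e in parse_log(log_text):
        by_ip[e.ip].append(e)
    findings = {}
    for ip, evs in by_ip.items():
        label, detail = classify_source(evs)
        if label != "none":
            findings[ip] = {"label": label, **detail}
    return findings


if __name__ == "__main__":
    for ip, finding in detect(SAMPLE_LOG).items():
        print(ip, finding)
```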
 


2. Cloud and hybrid environments expand operational risk

The cloud did not just change how CI organizations operate. It changed how attackers get in and how far they can go. Cloud and hybrid incidents increased 26% in early 2025 as identity, automation, and remote management converged within cloud control planes. Microsoft research shows 18% of intrusions originate from web-facing assets, 12% from exposed remote services, and 3% from supply chain pathways. As long-lived OT systems depend on cloud-based identity and centralized remote access, identity compromise can extend beyond IT into operational environments. Incidents that once remained contained within IT environments can now extend directly into operational systems. For CI operators, this means cloud and hybrid architecture now directly influence operational resilience—not just IT security.


3. Nation-state prepositioning is a strategic reality

This is the one that keeps me up at night. Nation-state operators are actively maintaining long-term, low-visibility access inside U.S. critical infrastructure environments. Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have documented campaigns attributed to Volt Typhoon, a PRC state-sponsored actor, in which intruders relied on valid credentials and built-in administrative tools rather than custom malware to evade detection across sectors. Using LOTL techniques and legitimate accounts, these actors embed within routine operations and persist where IT and OT visibility gaps exist. CISA Advisory AA24-038A warns that PRC state-sponsored actors are maintaining persistent access to U.S. critical infrastructure that could be activated during a future crisis. For security leaders, this represents sustained, deliberate positioning inside operational environments and underscores how adversaries shape conditions for future leverage.

 PRC-sponsored cyber actors targeting U.S. critical infrastructure.

4. Exposure and misconfiguration enable initial access

Most of what Microsoft sees in our investigations is not sophisticated. It is preventable. Most intrusions into critical infrastructure begin with preventable exposure rather than advanced exploits. Internet-facing VPNs left enabled too long, contractor identities that outlive project timelines, misconfigured cloud tenants, and dormant privileged accounts create quiet, low-effort entry points. Microsoft research shows that 12% of intrusions originate from exposed remote services. Over time, configuration drift and unmanaged access expand the attack surface, allowing adversaries to gain initial access before persistence or lateral movement is required. Reducing unnecessary exposure remains one of the highest-leverage risk-reduction actions available to CI operators.


5. Operational impact is increasing

The goal has shifted. Attackers are no longer just trying to steal data. They are trying to take things offline. Operational disruption is becoming a primary objective, not a secondary outcome. Attack campaigns surged 87% in early 2025, alongside increased destructive cloud activity and hands-on-keyboard operations targeting critical infrastructure. Identity systems, cloud control planes, and remote management layers are targeted because they provide direct operational leverage. For CI operators, the impact extends beyond data loss to service availability and physical processes. Organizations must ensure operational pathways are resilient against disruptive activity, not only monitored for signs of compromise.



Scenario patterns observed in CI environments

These are not hypothetical. They are patterns we see repeatedly in incident response engagements across sectors. The actors may vary. The access pathways do not.


Four reinforcing pillars of continuous readiness

Point-in-time hardening does not work against attackers who are playing a long game. In hybrid IT–OT environments, resilience requires sustained practices, not one-time fixes. CI leaders need a continuous approach that strengthens identity, reduces exposure, increases cross-domain visibility, and ensures effective response. Microsoft’s work across critical infrastructure environments consistently highlights four reinforcing pillars:


Why continuous readiness works

Continuous readiness is most effective when it is grounded in integrated visibility across identity, endpoint, and cloud environments, particularly in hybrid IT–OT architectures common to critical infrastructure. Microsoft’s telemetry enables investigators to correlate activity across these domains, surfacing patterns that isolated tools may miss. CI-informed playbooks, shaped by incident response engagements across sectors, help organizations prioritize the pathways most likely to affect operations. In practice, readiness engagements frequently uncover active or dormant compromise, reinforcing the importance of validating resilience before disruption occurs. For CI leaders, this visibility and correlation are especially critical given the operational consequences of undetected identity misuse or cross-domain movement.
 

Because adversaries prioritize quiet, long-term access rather than immediate disruption, many organizations only discover exposure after operations are impacted—unless readiness is actively validated.


Take action: Validate resilience before it’s tested

Here is what every CI leader reading this should ask themselves: have threat actors already established the access they need, and how would I know?

Operational resilience depends on verified assurance, not assumptions. Security leaders must confirm that identity pathways are hardened, exposure is reduced, and adversaries have not established durable footholds. A proactive compromise assessment delivered by Microsoft Incident Response can determine whether adversaries are already present—active or dormant—and help close high-risk gaps before disruption occurs.


For more information, read our blog post, Explore the latest Microsoft Incident Response proactive services for enhanced resilience, or access the CI readiness resources.


Contact your Microsoft representative to schedule a proactive compromise assessment and validate your resilience posture.


The post The threat to critical infrastructure has changed. Has your readiness? appeared first on Microsoft Security Blog.

The threat to critical infrastructure has changed. Has your readiness?

31 March 2026 at 13:00

Critical infrastructure (CI) organizations underpin national security, public safety, and the economy. In 2026, the cyber threat landscape facing these sectors is structurally different than it was even two years ago. What Microsoft Threat Intelligence is observing across critical infrastructure environments right now is not a forecast. It is already happening. Threat actors are no longer focused solely on data theft or opportunistic disruption. They are establishing persistent access, footholds they can sit in quietly, undetected, and activate at the moment of maximum disruption. That is the threat CI leaders need to be preparing for today. Not someday. Now.

Given these rising threats, governments worldwide are advancing policies and regulations to require critical infrastructure organizations to prioritize continuous readiness and proactive defense. The regulatory trajectory is clear. The U.S. National Cybersecurity Strategy published in March 2023 explicitly frames cybersecurity of critical infrastructure as a national security imperative. Japan issued a basic policy to implement the Active Cyber Defense legislation in 2025. Europe continues to implement the NIS2 Directive across the essential sectors. And Canada is advancing a more prescriptive approach to critical infrastructure security through Bill C8.

What Microsoft Threat Intelligence hears from law enforcement agencies reinforces what we observe in our own telemetry. For example, Operation Winter SHIELD is a joint initiative led by the FBI Cyber Division focused on helping CI organizations move from awareness to verified readiness. Implementation not just awareness, not just policy. It is what closes the gap between knowing you are a target and being ready when it matters.

The water sector offers a clear illustration of what that implementation gap looks like in practice and what it takes to close it. The findings from Microsoft, released on March 19, 2026, in collaboration with the Cyber Readiness Institute and the Center on Cyber Technology and Innovation show that hands-on coaching paired with practical training materially improves cyber readiness in water and wastewater utilities in ways that guidance alone does not. When attacks succeed, communities face safety concerns, loss of trust, and service disruptions. That is not an abstraction. That is what is at stake across every CI sector.

To say that environments CI organizations are defending today were not designed for the threat they are facing is an understatement. Legacy systems now operate within hybrid IT–OT environments connected by cloud-based identity, remote access, and complex vendor ecosystems that did not exist when those systems were built. Identity has become the central control layer across all of it. Microsoft Threat Intelligence and Incident Response investigations show a convergence of identity-driven intrusion, living-off-the-land (LOTL) persistence, and nation-state prepositioning across CI. Against this backdrop, five facts define the resilience priorities CI leaders must address in 2026.

Five facts CI leaders can’t ignore

Today’s threat landscape reflects five structural realities: identity as the primary entry point, hybrid IT–OT architecture expanding attacker reach, nation-state pre-positioning as an ongoing concern, preventable exposure continuing to drive intrusions, and a shift from data compromise to operational disruption. Together, these dynamics are reshaping critical infrastructure resilience in 2026.

1. Identity is the dominant attack pathway into CI environments

Identity is where we see attackers start, almost every time. In CI environments, identity bridges enterprise IT and operational technology, making it the primary attack path. More than 97% of identity-based attacks target password-based authentication, most commonly through password spray or brute force techniques. As identity systems centralize access to cloud and operational assets, adversaries rely on LOTL techniques and legitimate credentials to evade detection. Because identity now governs access across these connected domains, a single compromised account can provide privileged reach into operationally relevant systems.

97% of identity-based attacks target password-based authentication.
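Password spray and brute force, the two techniques named above, leave different shapes in sign-in telemetry: a spray is one source touching many accounts with a few failures each, a brute force is one source hammering one account. The defender's tell is a success from a source that was just spraying, because that is the single compromised account the paragraph warns about. The following is an added example, not code from the original post or from Microsoft; the log format, every value in it, and the thresholds (five accounts or five failures inside ten minutes) are constructed assumptions to be tuned against your own baseline.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events, one per line (not real telemetry):
#   <ISO-8601 timestamp> <source_ip> <account> <FAIL|SUCCESS>
# 203.0.113.7 sprays one guess across many accounts and lands on "grace";
# 198.51.100.4 hammers a single admin account; 192.0.2.10 is a normal user
# who mistyped once and then signed in.
SAMPLE_LOG = """\
2026-03-19T08:00:01Z 203.0.113.7 alice FAIL
2026-03-19T08:00:03Z 203.0.113.7 bob FAIL
2026-03-19T08:00:05Z 203.0.113.7 carol FAIL
2026-03-19T08:00:07Z 203.0.113.7 dave FAIL
2026-03-19T08:00:09Z 203.0.113.7 erin FAIL
2026-03-19T08:00:11Z 203.0.113.7 frank FAIL
2026-03-19T08:00:13Z 203.0.113.7 grace SUCCESS
2026-03-19T08:01:00Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:02Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:04Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:06Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:08Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:10Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:01:12Z 198.51.100.4 ops-admin FAIL
2026-03-19T08:05:00Z 192.0.2.10 alice FAIL
2026-03-19T08:05:20Z 192.0.2.10 alice SUCCESS
"""


def parse_events(text):
    """Return a list of (timestamp, source_ip, account, succeeded) tuples."""
    events = []
    for line in text.strip().splitlines():
        ts, ip, account, result = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                       ip, account, result == "SUCCESS"))
    return events


def _sliding_windows(items, window):
    """Yield, for each item, the run of items no older than `window` before it.

    `items` is a list of (timestamp, payload) tuples; it is sorted in place.
    """
    items.sort()
    start = 0
    for end, (ts, _) in enumerate(items):
        while ts - items[start][0] > window:
            start += 1
        yield items[start:end + 1]


def detect_spray(events, window=timedelta(minutes=10), min_accounts=5):
    """Spray shape: one source, many distinct accounts, few failures each.

    Returns {source_ip: sorted accounts} for each source whose failures hit
    at least `min_accounts` distinct accounts inside any `window`.
    """
    failures_by_ip = defaultdict(list)
    for ts, ip, account, succeeded in events:
        if not succeeded:
            failures_by_ip[ip].append((ts, account))
    hits = {}
    for ip, failures in failures_by_ip.items():
        for run in _sliding_windows(failures, window):
            accounts = {account for _, account in run}
            if len(accounts) >= min_accounts and len(accounts) > len(hits.get(ip, ())):
                hits[ip] = sorted(accounts)
    return hits


def detect_brute_force(events, window=timedelta(minutes=10), min_failures=5):
    """Brute-force shape: one source, one account, many failures.

    Returns {(source_ip, account): peak failure count inside any `window`}.
    """
    failures_by_target = defaultdict(list)
    for ts, ip, account, succeeded in events:
        if not succeeded:
            failures_by_target[(ip, account)].append((ts, account))
    hits = {}
    for target, failures in failures_by_target.items():
        for run in _sliding_windows(failures, window):
            if len(run) >= min_failures and len(run) > hits.get(target, 0):
                hits[target] = len(run)
    return hits


def successes_after_spray(events, spray_hits):
    """Accounts that signed in successfully from a spraying source: the
    compromised account to reset and investigate first."""
    compromised = defaultdict(set)
    for _, ip, account, succeeded in events:
        if succeeded and ip in spray_hits:
            compromised[ip].add(account)
    return {ip: sorted(accounts) for ip, accounts in compromised.items()}


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    spray = detect_spray(evts)
    print("password spray sources:", spray)
    print("brute-force targets:", detect_brute_force(evts))
    print("accounts to reset:", successes_after_spray(evts, spray))
```

The two detectors share one sliding-window helper and differ only in the grouping key (source, or source plus account) and in what they count (distinct accounts, or raw failures), which is exactly the distinction between the two techniques. A source that appears in the spray result and also has a success is the case to escalate; the lone user at 192.0.2.10 trips neither rule.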

2. Cloud and hybrid environments expand operational risk

The cloud did not just change how CI organizations operate. It changed how attackers get in and how far they can go. Cloud and hybrid incidents increased 26% in early 2025 as identity, automation, and remote management converged within cloud control planes. Microsoft research shows 18% of intrusions originate from web-facing assets, 12% from exposed remote services, and 3% from supply chain pathways. As long-lived OT systems depend on cloud-based identity and centralized remote access, identity compromise can extend beyond IT into operational environments. Incidents that once remained contained within IT environments can now extend directly into operational systems. For CI operators, this means cloud and hybrid architecture now directly influence operational resilience—not just IT security.

18% of cyber intrusions originate from web-facing assets

3. Nation-state prepositioning is a strategic reality

This is the one that keeps me up at night. Nation-state operators are actively maintaining long-term, low-visibility access inside U.S. critical infrastructure environments. Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have documented campaigns attributed to Volt Typhoon, a PRC state-sponsored actor, in which intruders relied on valid credentials and built-in administrative tools rather than custom malware to evade detection across sectors. Using LOTL techniques and legitimate accounts, these actors embed within routine operations and persist where IT and OT visibility gaps exist. CISA Advisory AA24-038A warns that PRC state-sponsored actors are maintaining persistent access to U.S. critical infrastructure that could be activated during a future crisis. For security leaders, this represents sustained, deliberate positioning inside operational environments and underscores how adversaries shape conditions for future leverage.

PRC-sponsored cyber actors targeting U.S. critical infrastructure.

4. Exposure and misconfiguration enable initial access

Most of what Microsoft sees in our investigations is not sophisticated. It is preventable. Most intrusions into critical infrastructure begin with preventable exposure rather than advanced exploits. Internet-facing VPNs left enabled too long, contractor identities that outlive project timelines, misconfigured cloud tenants, and dormant privileged accounts create quiet, low-effort entry points. Microsoft research shows that 12% of intrusions originate from exposed remote services. Over time, configuration drift and unmanaged access expand the attack surface, allowing adversaries to gain initial access before persistence or lateral movement is required. Reducing unnecessary exposure remains one of the highest-leverage risk-reduction actions available to CI operators.

12% of cyber intrusions originate from exposed remote services
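The preventable exposures listed above, contractor identities that outlive their projects and dormant privileged accounts among them, can be found from an identity inventory before an adversary finds them. The following is an added example, not code from the original post or from Microsoft; the account fields, the constructed inventory, the fixed audit date and the 90-day dormancy threshold are all assumptions, and in practice the input would come from the directory or identity provider's last-sign-in and contract records.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional


@dataclass(frozen=True)
class Account:
    name: str
    enabled: bool
    privileged: bool
    last_sign_in: Optional[date]   # None: the account has never signed in
    contract_end: Optional[date]   # None: staff or service identity, no end date


# Constructed inventory for the illustration; names and dates are invented.
INVENTORY = [
    Account("plant-admin", True, True, date(2025, 11, 2), None),
    Account("scada-svc", True, True, date(2026, 3, 18), None),
    Account("vendor-hmi-01", True, False, date(2026, 2, 1), date(2025, 12, 31)),
    Account("vendor-pump-02", False, False, date(2025, 6, 1), date(2025, 6, 30)),
    Account("backup-admin", True, True, None, None),
    Account("operator-jlee", True, False, date(2026, 3, 19), None),
]

# Fixed "today" (assumed) so the audit is reproducible.
AS_OF = date(2026, 3, 19)


def audit_exposure(accounts, as_of=AS_OF, dormant_days=90):
    """Return (account, finding) pairs for enabled accounts that are quiet entry points.

    Disabled accounts are skipped: the exposure described comes from access
    that is still live, not from records left in the directory.
    """
    cutoff = as_of - timedelta(days=dormant_days)
    findings = []
    for acct in accounts:
        if not acct.enabled:
            continue
        if acct.contract_end is not None and acct.contract_end < as_of:
            if acct.last_sign_in is not None and acct.last_sign_in > acct.contract_end:
                findings.append((acct.name, "contractor identity signed in after its contract ended"))
            else:
                findings.append((acct.name, "contractor identity still enabled after its contract ended"))
        if acct.last_sign_in is None:
            findings.append((acct.name, "enabled account that has never signed in"))
        elif acct.privileged and acct.last_sign_in < cutoff:
            findings.append((acct.name, f"dormant privileged account (no sign-in for over {dormant_days} days)"))
    return findings


def prioritize(findings, accounts):
    """Privileged findings first, then the rest, each group in name order."""
    priv = {a.name for a in accounts if a.privileged}
    return sorted(findings, key=lambda f: (f[0] not in priv, f[0]))


if __name__ == "__main__":
    for name, why in prioritize(audit_exposure(INVENTORY), INVENTORY):
        print(f"{name}: {why}")
```

The contractor check distinguishes an account that merely stayed enabled from one that was actually used after its end date, since the second is a potential intrusion rather than hygiene debt. Running this on a schedule, rather than once, is what turns a point-in-time cleanup into the continuous exposure reduction the post argues for.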

5. Operational impact is increasing

The goal has shifted. Attackers are no longer just trying to steal data. They are trying to take things offline. Operational disruption is becoming a primary objective, not a secondary outcome. Attack campaigns surged 87% in early 2025, alongside increased destructive cloud activity and hands-on-keyboard operations targeting critical infrastructure. Identity systems, cloud control planes, and remote management layers are targeted because they provide direct operational leverage. For CI operators, the impact extends beyond data loss to service availability and physical processes. Organizations must ensure operational pathways are resilient against disruptive activity, not only monitored for signs of compromise.

Destructive cyber campaigns increased by 87% in early 2025.

Scenario patterns observed in CI environments

These are not hypothetical. They are patterns we see repeatedly in incident response engagements across sectors. The actors may vary. The access pathways do not.

Four reinforcing pillars of continuous readiness

Point-in-time hardening does not work against attackers who are playing a long game. In hybrid IT–OT environments, resilience requires sustained practices, not one-time fixes. CI leaders need a continuous approach that strengthens identity, reduces exposure, increases cross-domain visibility, and ensures effective response. Microsoft’s work across critical infrastructure environments consistently highlights four reinforcing pillars:

Why continuous readiness works

Continuous readiness is most effective when it is grounded in integrated visibility across identity, endpoint, and cloud environments, particularly in hybrid IT–OT architectures common to critical infrastructure. Microsoft’s telemetry enables investigators to correlate activity across these domains, surfacing patterns that isolated tools may miss. CI-informed playbooks, shaped by incident response engagements across sectors, help organizations prioritize the pathways most likely to affect operations. In practice, readiness engagements frequently uncover active or dormant compromise, reinforcing the importance of validating resilience before disruption occurs. For CI leaders, this visibility and correlation are especially critical given the operational consequences of undetected identity misuse or cross-domain movement.

Because adversaries prioritize quiet, long-term access rather than immediate disruption, many organizations only discover exposure after operations are impacted—unless readiness is actively validated.

Take action: Validate resilience before it’s tested

Here is what every CI leader reading this should ask themselves: have threat actors already established the access they need, and how would I know?

Operational resilience depends on verified assurance, not assumptions. Security leaders must confirm that identity pathways are hardened, exposure is reduced, and adversaries have not established durable footholds. A proactive compromise assessment delivered by Microsoft Incident Response can determine whether adversaries are already present—active or dormant—and help close high-risk gaps before disruption occurs.

For more information, read our blog post, Explore the latest Microsoft Incident Response proactive services for enhanced resilience, or access the CI readiness resources.

Contact your Microsoft representative to schedule a proactive compromise assessment and validate your resilience posture.

The post The threat to critical infrastructure has changed. Has your readiness? appeared first on Microsoft Security Blog.