Hello. It looks like youre using an ad blocker that may prevent our website from working properly. To receive the best Tortoise experience possible, please make sure any blockers are switched off and refresh the page.

If you have any questions or need help, let us know at memberhelp@tortoisemedia.com

Digital Defence Department

Digital Defence Department

State-sponsored cyber attacks are on the rise, and while there are numerous perpetrators, there’s one which sponsors the attacks more than any other – Russia. Is Microsoft the first, best line of defence?

Here’s what you need to know this week:

  • State affairs: Microsoft revealed the extent of the Russian cyber threat


  • Tencent analysts gave it a “buy” rating 
  • Apple faced multiple antitrust measures
  • Google launched a sustainability drive (which might actually work)
  • Facebook admitted it would pay more tax under a new global deal
  • Amazon failed to disclose details about its $15bn ad business

State affairs: Digital Defence Department

Eugene Kaspersky, the Russian CEO of Kaspersky Lab, is very clear about who’s responsible for the most serious cyberattacks around the world. Junior cyber criminals might speak all sorts of languages, he said. “But the professional hackers? The ones responsible for state-sponsored attacks? They all speak Russian.”

Kaspersky was speaking at the Tortoise Cyber Summit (catch up with the event here). And he wasn’t the only one to finger Russia as the key cyber threat. Tom Hurd, the former head of the UK’s joint biosecurity centre, said this: “The Russian state doesn’t control the ransomware gangs, and don’t direct their attacks on a systematic basis, but they do provide them with a license to operate… and I’m pretty certain they’re taking a cut of the winnings.”

Kaspersky and Hurd were prescient. Barely a week after our summit, Microsoft – one of the tech states we report on – released its Digital Defense Report for 2021. The results are startling: During the past year, 58 per cent of all cyberattacks observed by Microsoft from nation states have come from Russia.

Here are some of the key findings: 

  • Attacks from Russian nation state actors are increasingly effective, jumping from a 21 per cent successful compromise rate last year to a 32 per cent rate this year. 
  • Russian hackers are increasingly targeting government agencies for intelligence gathering. Such agencies accounted for 3 per cent of their targets a year ago – and 53 per cent this year. 
  • The top three countries targeted by Russia were the United States, Ukraine and the UK.  

Russia is far from being the only nation state “bad actor”. Usual suspects North Korea, Iran, China, South Korea are named by Microsoft as responsible for the largest volume of attacks, as was (more surprisingly) Turkey. 

These days, big tech’s role in protecting countries from cybercrime extends well beyond writing reports. In August, Amazon, Google and Microsoft were among companies that agreed to join a new Joint Cyber Defense Collaborative set up by the not so snappily named Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Headed by Jen Easterly, who also spoke at our Cyber Summit, the JCDC wants to bolster cooperation with industry to combat ransomware, for instance by creating an agreed response to any attack. Easterly was right to say, however, that most of the work currently done in this area is “reactive”. Microsoft’s report shows that cybersecurity is one area where Russia and other traditional nation states have the upper hand over the new tech states (at least for the moment). 

Incidentally, the Microsoft report raises a wider question about oversight. Microsoft based its cybersecurity findings on 24 trillion daily signals across its cloud system, and included input from 8,500 security experts. Is it now a de facto cybersecurity monitoring body, with more insight than government intelligence agencies (acting like a digital defence department for whichever government it likes)? And, if so, should we be grateful… or concerned? 

Apple: Antitrust

You wait years for an antitrust measure, and then three come along at once. In one 24-hour period last week: the EU announced it was preparing an antitrust charge over Apple’s use of the NFC chip in the iPhone; the Dutch antitrust authority determined that Apple’s rules governing its in-app payment system were anti-competitive; and Japan’s Fair Trade Commission announced an investigation into Apple’s App Store dominance. As US tech expert Casey Newton points out, these decisions follow Apple’s court case against Epic – which also revolved around app store policies. Although both sides claimed victory, it’s clear the decision shifted the dial against Apple in significant ways. In the weeks following the case, for instance, countries like South Korea and India limited Apple’s ability to set rules within the App Store, taking a few more bricks out of its walled garden. 

Google: Sustainability

Google appears to be increasing its focus on sustainability and this may start to tell on YouTube. Last week the tech state announced a policy prohibiting climate change deniers from monetizing content on its platforms. The big question is: how will Google police this? It says it will use a combination of automated tools and human review, but previous attempts to crack down on dodgy online advertising placement have not been that effective. Credit where it’s due: this is at least an attempt to get a handle on the problem. Google is really pushing sustainability at the moment. Its Maps product now offers “eco-friendly” routes and its hotel search shows if a hotel has made sustainability commitments. These seem like genuinely useful additions. 

Amazon: Advertising

A fascinating snippet from Ben Evans this week. He notes that Amazon has a $15 billion plus advertising business with an extremely low profile. In Amazon’s accounts, it is simply included in “other revenue” with no significant further details attached. When, Evans asks, do disclosure rules oblige Amazon to break out further figures? The ad business might be producing as much cash as AWS, Amazon’s power house cloud system. Apparently the Amazon executive running the business – a man named Paul Kotas – doesn’t even introduce himself at meetings. 

Facebook: Taxation

The price of tiny violins just rocketed (h/t Azeem Azhar). Facebook has complained that an international deal setting a global minimum corporate tax rate could see it pay more tax. To be fair to Facebook (not something we have to say often), the company welcomed the progress made by a group of 136 countries to set a minimum tax rate of 15 per cent for big companies. It seems that – at least on the surface – more certainty on multinational tax rates might be a price worth paying for. However, the deal is being attacked from both sides. Oxfam and other campaigners say it has “no teeth”. And in Washington, a group of Republican US senators have voiced “serious concerns”. Still… progress has been made.

Tencent: Buy rating

It’s been bad news for weeks for Tencent, buffeted by a wave of new anti-big-tech regulations from its own government in China. But now: a ray of light. Jeffries, the analysts, say further Chinese clampdowns on online gaming (a key part of Tencent’s business) have been priced into Tencent’s shares. Jeffries has maintained its buy rating on the stock, and expects 16 per cent revenue growth in the third quarter. Why? A combination of factors, including rising ad revenue from this Winter’s Olympics in China and a hotly anticipated League of Legends release on Friday. On 10 November Tencent will report its earnings, which will give us more of a clue as to its trajectory. 

Thanks for reading,

Alexi Mostrous

Luke Gbedemah