_.png)
![[The AI Show Episode 151]: Anthropic CEO: AI Will Destroy 50% of Entry-Level Jobs, Veo 3’s Scary Lifelike Videos, Meta Aims to Fully Automate Ads & Perplexity’s Burning Cash](https://www.marketingaiinstitute.com/hubfs/ep%20151%20cover.png)
![[FREE EBOOKS] Solutions Architect’s Handbook, Continuous Testing, Quality, Security, and Feedback & Four More Best Selling Titles](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
![From electrical engineering student to CTO with Hitesh Choudhary [Podcast #175]](https://cdn.hashnode.com/res/hashnode/image/upload/v1749158756824/3996a2ad-53e5-4a8f-ab97-2c77a6f66ba3.png?#)
_Michael_Vi_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale#)
![watchOS 26 May Bring Third-Party Widgets to Control Center [Report]](https://www.iclarified.com/images/news/97520/97520/97520-640.jpg)
![AirPods Pro 2 On Sale for $169 — Save $80! [Deal]](https://www.iclarified.com/images/news/97526/97526/97526-640.jpg)
Microsoft Unveils European Security Program to Target Cybercriminal Networks
To combat malicious actors across Europe, Microsoft has introduced a comprehensive European Security Program designed to tackle sophisticated cybercriminal networks targeting European infrastructure. Announced in Berlin on June 4, 2025, the initiative specifically targets ransomware groups and state-sponsored threat actors from Russia, China, Iran, and North Korea, who continue to evolve in scope and sophistication. […] The post Microsoft Unveils European Security Program to Target Cybercriminal Networks appeared first on Cyber Security News.
To combat malicious actors across Europe, Microsoft has introduced a comprehensive European Security Program designed to tackle sophisticated cybercriminal networks targeting European infrastructure.
Announced in Berlin on June 4, 2025, the initiative specifically targets ransomware groups and state-sponsored threat actors from Russia, China, Iran, and North Korea, who continue to evolve in scope and sophistication.
AI-Powered Threat Intelligence Operations
The program leverages artificial intelligence to enhance threat detection and intelligence sharing with European governments across all 27 EU member states, accession countries, EFTA members, the UK, Monaco, and the Vatican.
Microsoft’s Government Security Program (GSP) will now provide real-time, AI-tailored threat intelligence to help governments understand evolving attack vectors and nation-state tactics.
The company has observed threat actors using AI for reconnaissance, vulnerability research, LLM-refined operational command techniques, detection evasion, and social engineering attacks.
Microsoft’s Threat Analysis Center (MTAC) employs AI algorithms to identify commonalities across foreign influence operations, particularly those utilizing deepfake synthetic media to deceive European audiences.
The enhanced intelligence sharing includes structured programs such as the Microsoft Security Update Guide and Defender Vulnerability Management, providing prioritized security communications and vulnerability remediation guidance to participating governments.
Automated Disruption Technologies
A cornerstone of the dismantling effort is Microsoft’s newly launched Statutory Automated Disruption (SAD) Program, implemented in April 2025, which automates legal abuse notifications to hosting providers for faster removal of malicious domains and IP addresses.
This technology-driven approach significantly raises operational costs for cybercriminals and reduces their ability to scale attacks across European networks.
The program’s effectiveness was demonstrated in the recent takedown of Lumma, a prolific infostealer malware that infected nearly 400,000 devices globally within two months, with a significant European impact.
The Digital Crimes Unit (DCU), in collaboration with Europol, successfully seized or blocked over 2,300 command-and-control domains, severely disrupting the malware’s infrastructure.
Spain, France, Italy, and Germany represented the highest victim counts in Europe during the Lumma operation.
Microsoft’s expanded partnership framework includes embedding DCU investigators at Europol’s European Cybercrime Centre (EC3) headquarters in The Hague to enhance operational coordination and enable joint investigations.
The company has historically filed seven legal actions since 2016 against nation-state actors, internally designated by weather-themed codenames: Blizzard (Russia), Typhoon (China), Sandstorm (Iran), and Sleet (North Korea).
The most recent disruption targeted Russian actor Star Blizzard in September 2024, resulting in the seizure of over 140 malicious domains and forcing significant operational changes to the threat group’s attack methodology.
The initiative extends to the Western Balkans through collaboration with the Western Balkans Cyber Capacity Centre (WB3C), addressing cybersecurity gaps in regions where malicious actors seek to destabilize EU-bordering countries.
Microsoft’s three-year partnership with the CyberPeace Institute continues to support NGO cybersecurity efforts, with nearly 100 Microsoft employees volunteering expertise to trace ransomware origins and identify threat actor safe havens.
Speed up and enrich threat investigations with Threat Intelligence Lookup! -> 50 trial search requests
The post Microsoft Unveils European Security Program to Target Cybercriminal Networks appeared first on Cyber Security News.
