Microsoft announced a comprehensive new European Security Program in Berlin today, designed to combat the evolving cyber threat landscape targeting European networks from state-sponsored actors and criminal organizations.
The initiative expands the company’s existing global Government Security Program and will be made available free of charge to all 27 European Union member states, EU accession countries, EFTA members, the UK, Monaco, and the Vatican.
The technology giant’s decision comes as European networks face persistent attacks from sophisticated threat actors, particularly from Russia, China, Iran, and North Korea.
Microsoft threat intelligence indicates that Russian and Chinese activity remains particularly prolific across Europe, with Russia maintaining special focus on Ukraine and European nations supporting Ukraine.
The company has observed nation-state actors pursuing espionage objectives through credential theft and vulnerability exploitation to access corporate and government networks.
Chinese campaigns have specifically targeted academic institutions to compromise sensitive research data and conduct geopolitical espionage against think tanks.
Beyond state-sponsored threats, cybercriminals continue developing Ransomware-as-a-Service operations, with illicit websites rapidly gaining followers by sharing ransomware insights for criminal groups conducting attacks across Europe.
The rise of artificial intelligence has further complicated the threat landscape, with Microsoft observing AI use by threat actors for reconnaissance, vulnerability research, social engineering, and brute force attacks.
Three-Pillar Program
The European Security Program introduces three key elements to strengthen continental cybersecurity defenses.
First, the program will increase AI-based threat intelligence sharing with European governments, providing real-time, actionable intelligence tailored to discrete national threat environments.
Second, Microsoft will make additional investments to strengthen cybersecurity capacity and resilience through enhanced public-private collaboration.
This includes a new pilot program with Europol’s European Cybercrime Centre, embedding Microsoft Digital Crimes Unit investigators at EC3 headquarters in The Hague.
The company is also expanding cybersecurity support to the Western Balkans through collaboration with the Western Balkans Cyber Capacity Centre and advancing AI security research with the UK’s Laboratory for AI Security Research.
Third, the program expands partnerships to disrupt cyberattacks and dismantle cybercriminal networks through coordinated law enforcement operations and innovative technological solutions.
Signal Aggressive Approach
According to Report, Microsoft’s commitment to proactive cybercrime disruption was demonstrated last month when the Digital Crimes Unit worked with Europol to take down Lumma, a prolific infostealer malware that infected nearly 400,000 devices globally within two months.
The operation successfully seized or blocked over 2,300 command-and-control domains.
To accelerate future takedowns, Microsoft launched the Statutory Automated Disruption Program in April 2025, which automates legal abuse notifications to hosting providers for faster removal of malicious domains and IP addresses.
Since 2016, the company has filed seven legal actions against nation-state threat actors, most recently disrupting Russian actor Star Blizzard in September 2024, seizing over 140 malicious domains.
The comprehensive program represents Microsoft’s long-term commitment to defending Europe’s digital ecosystem, ensuring the company remains a trusted partner in securing the continent’s digital future against evolving cyber threats.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
