Microsoft has launched a new cybersecurity initiative aimed at strengthening the digital defenses of European governments — free of charge. Announced on Wednesday, the program is designed to counter a growing wave of cyber threats, many of which are enhanced by artificial intelligence and linked to state-sponsored actors from countries such as China, Iran, North Korea, and Russia.
Microsoft, in a blog post, said the initiative focuses on boosting intelligence-sharing across Europe and helping public institutions prevent and disrupt increasingly sophisticated cyberattacks. Microsoft President Brad Smith emphasized the company’s commitment to transferring its advanced U.S.-based cybersecurity capabilities to Europe. “If we can bring more to Europe of what we have developed in the United States, that will strengthen cybersecurity protection for more European institutions,” Smith told Reuters.
The free offer comes at a critical time, as attackers increasingly exploit generative AI to scale their operations — from disrupting infrastructure to spreading disinformation. Despite the weaponization of AI by malicious actors, Smith stressed that AI also holds powerful potential as a defensive asset. “Our goal needs to be to keep AI advancing as a defensive tool faster than it advances as an offensive weapon,” he said.
Microsoft’s program includes tracking the use of its AI models to detect malicious activities and blocking access to known cybercriminals. The company has already seen the damaging effects of AI-generated deepfakes, such as a fake video of Ukrainian President Volodymyr Zelenskiy and a manipulated audio clip that influenced the Slovakian election in 2023.
Enhanced Threat Intelligence Sharing
Building on its long-standing Government Security Program (GSP), Microsoft is intensifying real-time threat intelligence sharing tailored to national needs across Europe. Leveraging AI, Microsoft offers advanced insights into the tactics and tools used by sophisticated threat actors, including those deploying deepfakes and synthetic media. Key intelligence streams will be provided through Microsoft’s Threat Analysis Center (MTAC), Digital Crimes Unit (DCU), and other specialized teams to empower faster, more informed responses from government agencies.
Cybercrime Disruption and Public-Private Collaboration
Microsoft is expanding its Cybercrime Threat Intelligence Program (CTIP) and embedding DCU investigators within Europol’s European Cybercrime Centre (EC3) to deepen coordination on joint investigations and takedowns. This includes recent actions such as the disruption of the Lumma infostealer malware, which infected nearly 400,000 devices globally—many in Europe. Microsoft also introduced the Statutory Automated Disruption (SAD) Program to streamline the takedown of malicious domains.
Support for Civil Society and Vulnerable Regions
Through continued partnerships like the one with the CyberPeace Institute and a new collaboration with the Western Balkans Cyber Capacity Centre (WB3C), Microsoft is extending security support to under-resourced yet strategically significant regions. These initiatives are designed to help NGOs and governments trace ransomware origins, defend against targeted attacks, and build long-term digital resilience.
Driving AI-Cybersecurity Innovation
Microsoft is investing in AI-focused cybersecurity research via partnerships with institutions such as the UK’s Laboratory for AI Security Research (LASR). These collaborations will explore emerging threats, including those linked to agentic AI systems and critical infrastructure. At the same time, Microsoft is enhancing open-source security through GitHub’s Secure Open Source Fund, which is backing vital European software projects like Log4J and Scancode.
Coordinated Legal and Operational Action
Microsoft has pursued several legal campaigns to disrupt the operations of nation-state actors from Russia, China, Iran, and North Korea. One of the most significant actions was the takedown of infrastructure operated by the Russian group Star Blizzard. Through domain seizures and public exposure, Microsoft curtailed their operations targeting NATO and political entities in the UK.
By offering this advanced cybersecurity support for free, Microsoft is positioning itself as a key ally for governments in the escalating battle between AI-driven threats and defenses. More cybersecurity initiatives are expected to be announced by the company later this month.
InfotechLead.com News Desk
