Microsoft warns Russian cyberattacks can be expanded
Russian cyberattacks related to the war in Ukraine could be expanded and target also countries providing military assistance to Ukraine, Microsoft´s corporate vice president Tom Burt warns in a blog post. The company has observed Russian-aligned actors active in Ukraine showing interest in or conduct operations against organizations in the Baltics and Turkey – all NATO member states.
The alerts published should be taken seriously and the recommended defensive and resilience measures should be taken – especially by government agencies and critical infrastructure enterprises, Microsoft says.
”Given Russian threat actors have been mirroring and augmenting military actions, we believe cyberattacks will continue to escalate as the conflict rages. Russian nation-state threat actors may be tasked to expand their destructive actions outside of Ukraine to retaliate against those countries that decide to provide more military assistance to Ukraine and take more punitive measures against the Russian government in response to the continued aggression.”
”Starting just before the invasion, we have seen at least six separate Russia-aligned nation-state actors launch more than 237 operations against Ukraine – including destructive attacks that are ongoing and threaten civilian welfare. The destructive attacks have also been accompanied by broad espionage and intelligence activities.”
“Russia’s use of cyberattacks appears to be strongly correlated and sometimes directly timed with its kinetic military operations targeting services and institutions crucial for civilians.”
”The destructive attacks we’ve observed – numbering close to 40, targeting hundreds of systems – have been especially concerning: 32% of destructive attacks directly targeted Ukrainian government organizations at the national, regional and city levels. More than 40% of destructive attacks were aimed at organizations in critical infrastructure sectors that could have negative second-order effects on the Ukrainian government, military, economy and civilians.”
The report stresses that the cyberattacks started long before Russia attacked Ukraine. “Russia-aligned actors began pre-positioning for conflict as early as March 2021, escalating actions against organizations inside or allied with Ukraine to gain a larger foothold into Ukrainian systems.
“When Russian troops first started to move toward the border with Ukraine, we saw efforts to gain initial access to targets that could provide intelligence on Ukraine’s military and foreign partnerships. By mid-2021, Russian actors were targeting supply chain vendors in Ukraine and abroad to secure further access not only to systems in Ukraine but also NATO member states. In early 2022, when diplomatic efforts failed to de-escalate mounting tensions around Russia’s military build-up along Ukraine’s borders, Russian actors launched destructive wiper malware attacks against Ukrainian organizations with increasing intensity.”
Moonshot News is an independent European news website for all IT, Media and Advertising professionals, powered by women and with a focus on driving the narrative for diversity, inclusion and gender equality in the industry.
Our mission is to provide top and unbiased information for all professionals and to make sure that women get their fair share of voice in the news and in the spotlight!
We produce original content, news articles, a curated calendar of industry events and a database of women IT, Media and Advertising associations.
