Cyber-attacks have degraded the systems of Ukrainian institutions, have sought to disrupt the population’s access to reliable information and critical essential services, and have sought to undermine confidence in the country’s leadership.
This is reflected in the report published by Microsoft detailing the persistent Russian cyberattacks in the hybrid war against Ukraine, and the actions that the company has carried out to help protect Ukrainian people and organizations.
And it is that, shortly before the beginning of the invasion, the company observed that at least 6 nation-state actors aligned with Russia launched more than 237 operations against Ukraine, accompanied by espionage and intelligence activities that affect other NATO member states. , in addition to some disinformation activity.
Russian cyber attacks
Russian cyberattacks appear to be strongly correlated and directly synchronized with their military operations to support the military’s strategic and tactical objectives – hybrid warfare. The report points to about 40 destructive attacks:
- 32% were directed to national, local and regional government organizations
- 40% to organizations in the infrastructure sector, which could have had negative effects on the country’s army, economy and citizens
Actors involved in these attacks are using a variety of techniques to gain access to their targets, including phishing, use of unpatched vulnerabilities, and compromising IT service providers. These actors often modify their malware with each deployment in order to evade detection.
Microsoft Releases Report on Russia’s Persistent and Destructive Cyberattacks on Ukraine
Specifically, the report attributes the wiper-type malware (destructive malware or virus, whose objective is to cause total and permanent unavailability of the target system), of which the company has previously warned, to a nation-state actor aligned with Russia and called Iridium.
Microsoft also notes that it has observed Russian-aligned actors operating in Ukraine show interest in or conduct operations against Baltic and Turkish organizations. That is, from NATO member states that actively provide political, humanitarian or military support to Ukraine.
Microsoft, working closely with the Ukrainian government
Microsoft security teams have worked closely with Ukrainian government officials, cybersecurity personnel from government organizations, and private companies to identify and remediate threat activity against Ukrainian networks.
The company believes that as these Russia-aligned nation-state actors have been replicating and escalating military actions, cyberattacks will too, as the conflict unfolds.
George is Digismak’s reported cum editor with 13 years of experience in Journalism