Microsoft Details Cyberwar on Ukraine

May 11, 2022 by Madeline Hughes
Microsoft Details Cyberwar on Ukraine
Russia's Sudzha gas pumping station is seen, Sunday, Jan. 11, 2009. The shutdown of a gas pipeline through Russian-held territory in Ukraine is sending a new wave of energy jitters through Europe. (AP Photo/Sergei Chuzavkov, file)

WASHINGTON — As the war rages on, information and public trust in the government are two of Russia’s top targets in Ukraine, according to a new report from Microsoft.

“Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions to undermine the public’s trust in those institutions,” the report said.

Microsoft released this report about a “hybrid” war just over two months into the physical war started by Russia as the company is working with the Ukrainian government via secure communications channels to alert the government about these cyberattacks via malware. The company is releasing details about the attacks so “others in the security community can continue to identify and defend against this activity,” according to a statement.

The Russian government and other groups with ties to the country conducted about 40 known destructive cyberattacks on Ukraine and organizations within the country between February 23 and April 8, according to the report. The Ukrainian government was the most targeted, receiving 19 destructive attacks. IT services, energy and media companies were the other most highly targeted industries, according to the report.

And there’s likely more malware to be discovered, the report said.

“Microsoft has also observed that the threat actors are slightly modifying the malware to evade detection with each wave of deployment. Acknowledging that there is ongoing activity that we cannot see, we estimate there have been at least eight destructive malware families deployed on Ukrainian networks, including one tailored to industrial control systems,” the report said. “If threat actors can maintain the current pace of development and deployment, we anticipate more destructive malware will be discovered as the conflict continues.”

Between July 2020 and June 2021 Ukraine was the recipient of the second-most “nation state threat activity,” the report said. During that year, 46% of attacks were directed at the U.S. while Ukraine received 19%, above the United Kingdom, which was the third-most targeted country at 9%, according to the report. That same year Microsoft observed Russia ramping up its activity, the report said.

Since Ukraine has been under physical attack, Microsoft has observed some “computer network attacks immediately preceded a military attack, but those instances have been rare from our perspective.”

One specific instance listed in the report was the attack on Kyiv-based media. On February 1 a missile struck a TV tower and a media company in the city was “compromised.”

While it’s unclear if cyberattackers and the military are working in tandem, many of the attacks create “a chaotic information environment, but Microsoft is not able to evaluate their broader strategic impact,” the report said.

And while Ukraine is the main target right now, “Microsoft encourages all organizations that are directly or indirectly associated with the conflict in Ukraine to proactively protect themselves from the threats described in this report and actively monitor for similar actions in their environment,” the report said. “Any organization that may be faced with defending their systems in future conflicts can follow the same general guidance to improve their defense against malicious cyber activity during conflicts.”

Multi-factor authentication and identity detection tools are two of the most important ways individuals can protect their systems, because stolen credentials have been one of the main ways Russia is getting into systems, the report said.

Isolating information through programs such as Microsoft’s Attack Surface Reduction and Control Folder Access are also important for ensuring ransomware attacks are not as destructive, the report said. Those programs that isolate information within a system protect against the malware that will wipe out the information.

“We’ve observed Russian-aligned actors active in Ukraine show interest in or conduct operations against organizations in the Baltics and Turkey — all [North Atlantic Treaty Organization] member states actively providing political, humanitarian or military support to Ukraine,” the company said in a statement released with the report. “The alerts published by [the Cybersecurity and Infrastructure Security Agency] and other U.S. government agencies, and cyber-officials in other countries, should be taken seriously and the recommended defensive and resilience measures should be taken — especially by government agencies and critical infrastructure enterprises.”

Madeline can be reached at [email protected] and @MadelineHughes

A+
a-
  • cybercrime
  • Microsoft
  • Ukraine
  • In The News

    Health

    Voting

    Technology

    March 21, 2024
    by Tom Ramstack
    Lawmakers Say US Semiconductors Sometimes Used by Foreign Adversaries

    WASHINGTON — A congressional panel juggled competing interests Thursday of trying to lead the world in industrial development without having... Read More

    WASHINGTON — A congressional panel juggled competing interests Thursday of trying to lead the world in industrial development without having the new technologies fall into the hands of foreign militaries that might want to harm the United States. More than anything, lawmakers want more and better... Read More

    March 21, 2024
    by Dan McCue
    DOJ, 16 States Sue Apple Over Alleged Smartphone Monopoly

    WASHINGTON — The Justice Department and 16 state attorneys general sued Apple on Thursday accusing the Cupertino, California-based tech giant... Read More

    WASHINGTON — The Justice Department and 16 state attorneys general sued Apple on Thursday accusing the Cupertino, California-based tech giant of operating an illegal monopoly in the smartphone market. According to the lawsuit, which was filed in federal court in New Jersey, Apple has used the... Read More

    House Passes Bill That Would Lead to TikTok Ban if Chinese Owner Doesn't Sell. Senate Path Unclear

    WASHINGTON (AP) — The House on Wednesday passed a bill that would lead to a nationwide ban of the popular video app... Read More

    WASHINGTON (AP) — The House on Wednesday passed a bill that would lead to a nationwide ban of the popular video app TikTok if its China-based owner doesn't sell, as lawmakers acted on concerns that the company's current ownership structure is a national security threat. The bill, passed by... Read More

    In New York City, Heat Pumps That Fit in Apartment Windows Promise Big Emissions Cuts

    NEW YORK (AP) — For 27 years, the heat in Regina Fred’s Queens apartment building came from a noisy steam... Read More

    NEW YORK (AP) — For 27 years, the heat in Regina Fred’s Queens apartment building came from a noisy steam radiator that she couldn't control and sometimes didn't come on at all, leaving her shivering. Sometimes, the radiators ran so hot that residents had to keep... Read More

    March 7, 2024
    by Tom Ramstack
    Congress Warned US Competition for Biotechnology Creates Promises and Perils

    WASHINGTON — New scientific discoveries mean the future is bright for biotechnology but laced with many dangers in the competition... Read More

    WASHINGTON — New scientific discoveries mean the future is bright for biotechnology but laced with many dangers in the competition with China, according to expert witnesses at a congressional hearing Wednesday. China’s military dominance of its industries means its biotechnology could be used to find weaknesses... Read More

    March 7, 2024
    by Dan McCue
    Bipartisan Bill Seeks to Protect Americans Against Foreign Adversaries

    WASHINGTON — A bipartisan bill in the House seeks to protect Americans from the prying eyes of foreign adversaries by... Read More

    WASHINGTON — A bipartisan bill in the House seeks to protect Americans from the prying eyes of foreign adversaries by tightening their reins on ByteDance applications, including TikTok. The bill, introduced by Reps. Josh Gottheimer, D-N.J., Mike Gallagher, R-Wis., and Raja Krishnamoorthi, D-Ill., aims to empower... Read More

    News From The Well
    scroll top