Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Microsoft: Russian Cyber Spying Targets 42 Ukraine Allies

Russia, Ukraine Cyberattacks

Russia, Ukraine Cyberattacks

Coinciding with unrelenting cyberattacks against Ukraine, state-backed Russian hackers have engaged in “strategic espionage” against governments, think tanks, businesses and aid groups in 42 countries supporting Kyiv, Microsoft said in a report Wednesday.

“Since the start of the war, the Russian targeting (of Ukraine’s allies) has been successful 29 percent of the time,” Microsoft President Brad Smith wrote, with data stolen in at least one-quarter of the successful network intrusions,

“As a coalition of countries has come together to defend Ukraine, Russian intelligence agencies have stepped up network penetration and espionage activities targeting allied governments outside Ukraine,” Smith said.

Nearly two-thirds of the cyberespionage targets involved NATO members. The United States was the prime target and Poland, the main conduit for military assistance flowing to Ukraine, was No. 2. In the past two months, Denmark, Norway, Finland, Sweden and Turkey have seen stepped-up targeting,

A striking exception is Estonia, where Microsoft said it has detected no Russian cyber intrusions since Russia invaded Ukraine on Feb. 24. The company credited Estonia’s adoption of cloud computing, where it’s easier to detect intruders. “Significant collective defensive weaknesses remain” among some other European governments, Microsoft said, without identifying them.

Half of the 128 organizations targeted are government agencies and 12% are nongovernmental agencies, typically think tanks or humanitarian groups, according to the 28-page report. Other targets include telecommunications, energy and defense companies.

Microsoft said Ukraine’s cyber defenses “have proven stronger” overall than Russia’s capabilities in “waves of destructive cyberattacks against 48 distinct Ukrainian agencies and enterprises.” Moscow’s military hackers have been cautious not to unleash destructive data-destroying worms that could spread outside Ukraine, as the NotPetya virus did in 2017, the report noted.

“During the past month, as the Russian military moved to concentrate its attacks in the Donbas region, the number of destructive attacks has fallen,” according to the report, “Defending Ukraine: Early Lessons from the Cyber War.” The Redmond, Washington, company has unique insight in the domain due to the ubiquity of its software and threat detection teams.

Advertisement. Scroll to continue reading.

Microsoft said Ukraine has also set an example in data safeguarding. Ukraine went from storing its data locally on servers in government buildings a week before the Russian invasion — making them vulnerable to aerial attack — to dispersing that data in the cloud, hosted in data centers across Europe.

The report also assessed Russian disinformation and propaganda aimed at “undermining Western unity and deflecting criticism of Russian military war crimes” and wooing people in nonaligned countries.

Using artificial intelligence tools, Microsoft said, it estimated “Russian cyber influence operations successfully increased the spread of Russian propaganda after the war began by 216 percent in Ukraine and 82 percent in the United States.”

ReadRussia, Ukraine and the Danger of a Global Cyberwar

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...