BOSTON (AP) — Cyberattacks by state-backed Russian hackers have destroyed data at dozens of organizations in Ukraine and created “a chaotic information environment,” Microsoft said in a report released Wednesday.
Nearly half of the destructive attacks targeted critical infrastructure, many times simultaneously with bombings and missile attacks, the report notes.
Microsoft estimated that Russian-aligned threat groups were “prepositioning themselves for conflict as early as March 2021,” hacking into networks to gain a foothold that they could then use to gather “strategic and battlefield intelligence or to facilitate future destructive attacks”.
During the war, Russia’s cyberattacks “sometimes not only degraded the functions of targeted organizations, but also sought to disrupt citizens’ access to reliable information and life-saving services, and undermine trust in the leadership of the country,” the company’s digital security unit said. in the 20-page report.
The Kremlin’s cyber operations “had an impact in terms of technical disruption of services and creation of a chaotic information environment, but Microsoft is unable to assess their broader strategic impact,” the report said.
The disruption to Russian cyber activity was more modest than many had anticipated before the Feb. 24 invasion, and Microsoft said the damaging attacks “come along with extensive espionage and intelligence activity.”
Early on, a cyberattack that also affected European broadband users disrupted satellite service to the Ukrainian army, police and other institutions. But Ukrainian defenders, aided by outside cybersecurity firms, have also scored victories. Microsoft and Slovakia-based ESET helped them thwart an attempt earlier this month to cut off power to millions of Ukrainians.
The report says groups with known or suspected ties to Russia’s GRU military intelligence agency have been using destructive ‘windshield wiper’ malware “at a rate of two to three incidents per week since the day before the outbreak. ‘invasion”.
He did not name specific targets, but they are known to include telecommunications companies and local, regional and national agencies.
From the start of the invasion through April 8, Microsoft said at least eight different malware strains had been used in “nearly 40 stealth destructive attacks that permanently destroyed files on hundreds of systems. in dozens of organizations in Ukraine”.
In an accompanying blog post, Microsoft executive Tom Burt noted that the company has also seen “limited spy attack activity” targeting NATO member states.
Suggest a fix