Microsoft Reveals Damage of Russian Cyberattacks on Ukraine

Microsoft’s Digital Security Unit revealed that Russia’s cyber component has conducted relentless and destructive attacks on Ukraine, disrupting the government and other sectors in the country.

In a special report on Russian cyberattack activity to Ukraine, Microsoft said that Russia attempted to destroy, disrupt, or infiltrate networks of government agencies even before it invaded Ukraine in February 24. 

Russian cyberattack strategies included “phishing campaigns, exploiting unpatched vulnerabilities in on-premises Exchange servers, and compromising upstream IT service providers.” Threat groups with suspected links to GRU, Russia’s military intelligence service, have also continuously developed wiper malware or similar destructive tools, the report said.

The report said that 40 percent of the attacks were directed to organizations in critical infrastructure sectors, and 32 percent to Ukrainian government organizations.

Microsoft found that as early as March 2021, Russia-aligned threat groups also attacked Ukrainian and NATO member diplomatic targets through password spraying, attempting to access a huge number of accounts with few common passwords, and phishing.

At least six suspected Russian cyber threat groups were said to have been involved in reconnaissance, phishing, data theft, and data deletion.

Microsoft also found a correlation between the Russian cyber operations and the Russian military. On February 24, the first day of the attack, Microsoft said that cyber threat actors, likely Russians, compromised the Odessa-based critical infrastructure while the Russian military advance into Sumy city center.

Microsoft said that Russian nation state threat actors may still expand their activities as the war continues.

“Microsoft encourages all organizations that are directly or indirectly associated with the conflict in Ukraine to proactively protect themselves from the threats described in this report and actively monitor for similar actions in their environment,” the tech company advised.


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.