Microsoft: Russian hacks often accompany Ukraine attacks

PTI Updated - April 28, 2022 at 11:20 AM.

Nearly half the destructive attacks were against critical infrastructure, many times simultaneous to physical attacks

Cyberattacks by state-backed Russian hackers have destroyed data across dozens of organisations in Ukraine and produced “a chaotic information environment,” Microsoft says in a report released Wednesday.

Nearly half the destructive attacks were against critical infrastructure, many times simultaneous to physical attacks, the report notes.

A top Ukrainian cybersecurity official, Victor Zhora, told reporters in a news briefing on Wednesday that cyberattacks on telecommunications have sometimes coincided with artillery and other physical attacks.

Microsoft assessed that Russia-aligned threat groups were “pre-positioning for the conflict as early as March 2021,” hacking into networks to obtain footholds they could later use to collect “strategic and battlefield intelligence or to facilitate future destructive attacks.” During the war, Russia's cyberattacks “have at times not only degraded the functions of the targeted organisations, but sought to disrupt citizens' access to reliable information and critical life services, and to shake confidence in the country's leadership,” the company's Digital Security Unit says in the 20-page report.

Kremlin cyber operations “have had an impact in terms of technical disruption of services and causing a chaotic information environment, but Microsoft is not able to evaluate their broader strategic impact,” the report says.

Disruption from Russian cyber activity has been more modest than many anticipated ahead of the February 24 invasion, and Microsoft said damaging attacks have “been accompanied by broad espionage and intelligence activities.” Early on, a cyberattack that also affected European broadband users knocked out satellite service to Ukrainian military, police and other institutions. But Ukrainian defenders, aided by outside cybersecurity firms, have also scored victories. Microsoft and Slovakia-based ESET helped them thwart an attempt earlier this month to cut power to millions of Ukrainians.

The report says groups with known or suspected ties with Russia's GRU military intelligence agency have used destructive “wiper” malware “at a pace of two to three incidents a week since the eve of the invasion.” It did not name specific targets but they are known to include telecommunications companies and local, regional and national agencies.

From the invasion onset until April 8, Microsoft said at least eight different malware strains were used in “nearly 40 discrete destructive attacks that permanently destroyed files in hundreds of systems across dozens of organisations in Ukraine.” In an accompanying blog, Microsoft executive Tom Burt noted the company had also seen “limited espionage attack activity” targeting NATO member States.

Published on April 28, 2022 05:50

This is a Premium article available exclusively to our subscribers.

Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

You have reached your free article limit.

Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

You have reached your free article limit.
Subscribe now to and get well-researched and unbiased insights on the Stock market, Economy, Commodities and more...

TheHindu Businessline operates by its editorial values to provide you quality journalism.

This is your last free article.