Microsoft reveals immense scale of Russian cyber onslaught against Ukraine

(Image credit: Shutterstock / lockon16)
Audio player loading…

Microsoft has published a new report detailing a series of cyberattacks launched by Russia against critical infrastructure operators in Ukraine.

Although the company didn't explicitly connect the cyberattacks to the war in Ukraine, it did say that both military and cyber attackers “share the same goal”, Reuters reports. In many cases, it would seem, cyberattacks “laid the groundwork” for military operations.

While cyber warfare began a year before the military invasion, the volume of attacks has increased over the last three months.

Image (opens in new tab)

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

Shared targets

Since February 23, a total of 37 Russian cyberattacks against key Ukrainian targets have been observed, Microsoft said.

"Russian generals and spies have tried to make cyberattacks part of their war effort while they've struggled on the battlefield," Thomas Rid, a professor of Strategic Studies at Johns Hopkins University, told Reuters.

In one example, Russian hackers attacked media companies in Ukraine, on the same day that missiles struck Kyiv’s TV tower. And in another instance, “suspected Russian actors” were spotted lurking in Ukrainian critical infrastructure endpoints (opens in new tab) in Sumy, two weeks before power went out in the region.

Victor Zhora, a top Ukrainian cybersecurity official, said he expects more Russian attacks against critical infrastructure. 

"I believe that they can organize more attacks on these sectors," Zhora told reporters. "We shouldn't underestimate Russian hackers but we probably should not over-estimate their potential."

Even some commercially-driven threat actors have joined the war effort. Conti, for example, a known Russian-based ransomware (opens in new tab) operator, declared its support for the invasion, which prompted Ukrainian hackers to leak private Conti chats, and even ransomware source code.

Via Reuters (opens in new tab)

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.