Microsoft has revealed that it discovered a new malware (opens in new tab) strain just a few hours before Russia began its invasion of neighboring Ukraine.
In a new blog post (opens in new tab), the software giant explained that one of its principal responsibilities as a software and cybersecurity company is to help defend both governments and countries from cyberattacks. As such, Microsoft has been paying close attention to the events going on in Ukraine.
Microsoft's Threat Intelligence Center (MSTIC (opens in new tab)) has been monitoring the situation closely and several hours before Russia's invasion of Ukraine began, it detected a new round of cyberattacks targeting the country's digital infrastructure.
In addition to advising the Ukranian government on the matter, Microsoft's security team identified the use of a new malware package, which it has dubbed FoxBlade, and provided technical advice on the steps needed to prevent falling victim to it. In fact, within three hours, signatures used to detect FoxBlade activity were added to Microsoft Defender (opens in new tab) to help defend against this new threat.
Precisely targeted cyberattacks
Over the course of the past few days, Microsoft has provided both threat intelligence and defensive suggestions to Ukrainian official regarding attacks on a range of targets including Ukrainian military institutions, manufacturers and several other government agencies.
According to Microsoft, these ongoing cyberattacks have been precisely targeted and the company hasn't seen the use of indiscriminate malware technology across Ukraine's economy and beyond its borders since the NotPetya (opens in new tab) attack in 2017.
> Anonymous launches "cyber war" against Russia (opens in new tab)
> TrickBot malware has been taken over by this notorious criminal gang (opens in new tab)
> Raspberry Pi can now detect malware without any software (opens in new tab)
The company also remains concerned regarding recent cyberattacks on civilian digital targets including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts and energy sector organizations in Ukraine. These attacks on civilian targets raise serious concerns under the Geneva Convention (opens in new tab) which is why Microsoft has shared all of the information it has on them with the Ukrainian government.
Besides cyberattacks, there have also been efforts to steal a wide range of data including health, insurance and transportation-related personally identifiable information (PII (opens in new tab)) from Ukrainian citizens.
We could potentially hear more from Microsoft on its cybersecurity efforts in Ukraine if cybercriminals and nation state hackers alike continue to target the country and its citizens.
- We've also featured the best malware removal software (opens in new tab) and the best endpoint protection software (opens in new tab)