The stream of hostile activity is sometimes integrated into the operations of the Russian military, according to research carried out by the company
At least six hacker groups linked to the Russian government have carried out hundreds of cyber attacks in Ukraine since Russia invaded it in February, including dozens of attacks designed to destroy computer systems, according to a new study by Microsoft.
Moscow's hacking activity amounts to a relentless array of disruptive and destructive activities, which are sometimes coordinated at a tactical level with military maneuvers on the ground, in addition to traditional cyber espionage, Microsoft said.
Although many attacks were successful, Ukraine's cyber defenses were able to fend off others, and in the meantime, Ukraine has managed in most cases to escape a country-wide cyber disruption or damage to critical systems, something that many in the West feared might happen at the beginning of the fighting.
"The attacks not only damaged the systems of institutions in Ukraine, but also tried to hinder people's access to reliable information and essential life services, and tried to undermine trust in the country's leadership," said Tom Brett, Microsoft's vice president for consumer security and trust, in a company blog post released alongside the study.
"It would be a mistake not to appreciate their potential"
In a briefing with reporters on Wednesday, Viktor Zhora, deputy director of Ukraine's cyber agency, said he thought Russia had used its full offensive cyber capabilities against Ukraine as the war dragged on and was unlikely to use cyber weapons that were unexpected or "brand new."
"They are a serious threat. It would be a mistake not to appreciate their potential," Jura said. "But at the same time... I guess we are fully capable of resisting, in cyber warfare and war in general."
The Russian-backed hackers had already "improved positions for the conflict" starting in March 2021, Brett said, apparently in an effort to gain more extensive access to Ukrainian networks that could be leveraged in wartime. By mid-2021, some of the hackers were attempting to target supply chain vendors in Ukraine and elsewhere "to secure additional access not only to systems in Ukraine but also in NATO member states," Brett said. Supply chain vendors are companies that sell software or other products that are widely used by third-party companies, making them desirable targets for hackers.
 |
| Hackers linked to Russia have carried out hundreds of cyberattacks in Ukraine |
The Russian Embassy in Washington did not immediately respond to a request for comment. Moscow routinely denies allegations of cyberattacks against other countries and has said it has recently been the victim of cyberattacks by Western countries.
"Before it was more elephant in a china shop style stuff"
Microsoft's new findings, released Wednesday, largely support what cybersecurity experts, major tech companies and Western intelligence officials have been noticing for a while: While large-scale, large-scale attacks haven't happened yet, Russian hackers have been very active in the conflict in Ukraine and have focused much of their efforts on limited tactical operations. to support the military effort.
Some of the attacks were clumsy and amounted to mere harassment, such as slowing down the Internet or bringing it down for a short time, defacing websites and destroying files on a limited number of computers. Others achieved little more and employed Ukraine's cyber defense forces. More recently, when the Russian strategic target shifted to eastern Ukraine, new and more disturbing attacks against the country's energy sector were discovered.
Hackers have been trying to hit the Ukrainian government and critical infrastructure since the start of the war, but in the past three weeks researchers at Cisco Systems have seen a gradual increase in sophisticated attacks by what appear to be more experienced hackers, said Matt Olney, director of threat intelligence at Cisco. "Before it was more elephant in a china shop style stuff," he said. "Today it's more like a sophisticated theft of works of art."
In some cases, Russia's cyberattacks appeared to be strongly and sometimes directly linked to military activity on the ground, Brett said. He cited as an example the cyber attacks directed against a major broadcasting company, Ukrtelecom, on March 1, the day Russian forces attacked a television tower in Kiev with a missile.
In another example, an independent group of Russian hackers in mid-March stole data from a nuclear safety organization a few weeks after Russia took control of nuclear power plants, Microsoft said.
The efforts to make the war a hybrid were also seen in the space of the filtered information. As Mariupol suffered an ongoing siege by Russian forces, some Ukrainians received an email from a group of Russian hackers posing as residents of the city accusing the Ukrainian government of abandoning its residents, Microsoft said.
Contrary to the assurances expressed by Zohra from the Ukrainian government, senior U.S. and Western intelligence officials say they fear that Russia has the resources and capabilities to carry out far more damaging cyber attacks against Ukraine than it has so far.
Some said the Russians' initial miscalculation that Kiev would fall within days contributed to initial hesitancy. The campaign to launch cyber attacks against vital infrastructures that could seriously damage the fabric of life in Ukraine.
Microsoft said they noticed almost 40 destructive cyber attacks in Ukraine against hundreds of systems. Of these, approximately one-third targeted Ukrainian government entities at the national, regional, and city levels, and more than 40% of the attacks targeted vital infrastructure areas that could have reverberating effects on Ukraine's government, military, economy, and population, Microsoft said.
from across the web
Add Comments