Microsoft: Russia has conducted hundreds of cyberattacks against Ukraine
Microsoft said Wednesday in a report that Russia has carried out hundreds of cyber operations, including destructive attacks, against Ukraine throughout its invasion.
Why it matters: Microsoft, which is working with Ukrainian cybersecurity officials to defend against such cyberattacks, said Russia's relentless operations have sought to degrade Ukraine's government and military and undermine the public's trust in those institutions.
Six separate Russia-aligned nation-state actors have carried out at least 237 operations against Ukraine, according to the report.
- Nearly 40 of those operations were destructive attacks aimed at permanently destroying files in hundreds of systems across dozens of organizations in Ukraine.
- 40% of the destructive attacks were directed toward critical infrastructure that could have "negative second-order effects" on the government, military, economy and people, Microsoft said.
What they're saying: "Given Russian threat actors have been mirroring and augmenting military actions, we believe cyberattacks will continue to escalate as the conflict rages," Tom Burt, Microsoft’s vice president for customer security, said in a blog post Wednesday.
- "Russian nation-state threat actors may be tasked to expand their destructive actions outside of Ukraine to retaliate against those countries that decide to provide more military assistance to Ukraine and take more punitive measures against the Russian government in response to the continued aggression," Burt added.
The big picture: Russia's cyber operations have been at times directly timed with its land, air and sea attacks against Ukraine, according to Microsoft's report.
- However, it could not be determined if the Russia's cyber and physical forces were actively coordinating attacks or simply pursuing a common set of military objectives.
- Through the operations, says Microsoft, Russia has also attempted to compromise public information sources and communications systems in order to limit Ukrainian citizens from reliable information.
- It also conduced a cyber-enabled influence operation to try to turn Ukrainian citizens against their government.
What's next: Microsoft acknowledged in the report that there may be ongoing cyber activity that it cannot see and warned that if the Russian actors "maintain the current pace of development and deployment, we anticipate more destructive malware will be discovered as the conflict continues."