Russian Hackers Also Focused on US and NATO Since Invasion
Russia is expanding its espionage and influence operations against Ukraine and its allies, including malicious cyber activity that requires a coordinated, robust response, Microsoft Corp said in a report published Wednesday.
Russia has deployed a three-pronged strategy of coordinated military, cyber and propaganda efforts since it invaded Ukraine in February, Microsoft said. The cyberattacks included “wiper” malware that Russian hackers deployed against Ukrainian computer systems, the company said, and malware masquerading as legitimate emails.
Nearly two-thirds of Russian cyber espionage targets outside Ukraine were NATO countries, with nearly half of all campaigns directed at government agencies, according to the report. Russian hackers have most frequently tried to conduct network intrusions against US organizations, with attackers also aiming to breach entities based in Poland, Denmark, Norway, Finland, Sweden and Turkey, the company said. Cyberattacks directed at critical infrastructure accounted for about 19% of the activity.
Of the attempted Russian hacking detected by Microsoft since the start of the war, 29% has been successful, according to the report. Roughly a quarter of the successful breaches have resulted in the theft of data, the company said.
Data stored on-site is more vulnerable than information in the cloud, according to the report.
“The key to a country’s digital resilience in wartime is the ability quickly to move data outside the country while still connecting to and relying on it for a government’s digital operations,” researchers wrote.
Meanwhile, Microsoft found, the spread of Russian propaganda has spiked in Ukraine, the US and elsewhere since the war began.
Pro-Russian news articles have sought to justify the initial February invasion, explain how Ukraine’s revolution led to the war and criticize the countries aligned with Ukraine.
“The escalation follows years of unsuccessful talks, broken ceasefire agreements and a standoff between Russia and the West,” according to one article cited as an example in Microsoft’s report.
A representative for the Russian embassy in Washington didn’t immediately respond to an email seeking comment Wednesday.
The Biden administration has repeatedly warned of cybersecurity threats against US companies and critical infrastructure since the outbreak of the war. US officials have urged companies to update their software and increase threat detection capabilities in the face of Russian aggression in cyberspace, among other recommendations.