Russia Escalates Spying On Ukraine’s Allies

Uploaded on 2022-06-27 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--International, FREE TO VIEW

Russian state-backed hackers have conducted network spying and espionage activities against 128 organisations in 42 countries allied to Ukraine since the start of the war, according to Microsoft in it’s new findings published Wednesday 22nd of June.

Defending Ukraine: Early Lessons from the Cyber War is the report conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine.

“Microsoft has seen the Russian military launch multiple waves of destructive cyber-attacks against 48 distinct Ukrainian agencies and enterprises,” Brad Smith, the President and Vice Chair of Microsoft, said. “These have sought to penetrate network domains by initially comprising hundreds of computers and then spreading malware designed to destroy the software and data on thousands of others... Since the start of the war, the Russian targeting (of Ukraine’s allies) has been successful 29 percent of the time.”  

NATO is currently a focused target for Russia' computer operatives, according to the Microsoft report. 

American organisations are high on the list for the Russian hacking attacksoutside of Ukraine, according to Microsoft, but these Russian hacks include 42 countries which might have potential war information such as governments, firms, think tanks and humanitarian organisations. 

Those hacking attempts have successfully penetrated defenses 29% of the time, according to Microsoft. Of those successful breaches, a quarter resulted in data stolen from networks.  But Microsoft said it didn't have a full view of the hacking because some customers stored data on their own systems rather than in Microsoft's cloud computing infrastructure.

US Cyber Command, the military's hacking unit, has conducted a "full spectrum" of offensive, defensive and information operations in support of Ukraine and China has employed and trained some highly effective hackers on targets related to the Ukraine war, according to cyber security researchers. Furthermore, Suspected Chinese hackers appeared to try to break into computers linked to officials in the Russian city of Blagoveshchensk, near the Chinese border, according to Secureworks

Ukrainian officials have also accused the Russians of routing Internet traffic in parts of Ukraine through Russian Internet providers and subjecting those connections to censorship. 

Background 

The recorded history of every war typically includes an account of the first shots fired and who witnessed them. Each account provides a glimpse not just into the start of a war, but the nature of the era in which people lived. Historians who discuss the first shots in America’s Civil War in 1861 typically describe guns, cannons, and sailing ships around a fort near Charleston, South Carolina.

Events spiraled toward the launch of World War I in 1914 when terrorists in plain view on a city street in Sarajevo used grenades and a pistol to assassinate the archduke of the Austrian-Hungarian Empire. It would take until the Nuremberg war trials to fully understand what happened near the Polish border 25 years later. In 1939, Nazi SS troops dressed in Polish uniforms and staged an attack against a German radio station. Adolf Hitler cited such attacks to justify a blitzkrieg invasion that combined tanks, planes, and troops to overrun Polish cities and civilians.  Each of these incidents also provides an account of the technology of the time, technology that would play a role in the war that ensued and the lives of the people who lived through it. 

The war in Ukraine has a pattern and as the Russian army crossed the Ukrainian border on February 24th. However, the first shots were in fact fired a day earlier. They involved a cyber weapon called “Foxblade” that was launched against critical computer networks in Ukraine.

Reflecting the technology of our time, those among the first to observe the attack were half a world away, working in the United States.  This captures the importance of stepping back and taking stock of the first several months of the war in Ukraine, which has been devastating for the country in terms of destruction and loss of life, including innocent civilians.

Microsoft:       Secure Works:        Infosecurity Magazine:     CNN:      Reuters:     US News:     NBC

You Might Also Read: 

Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine:

« US Bank Loses Critical Data Of Over A Million Customers - Again
Cyber Security Tools For Your Small Business »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

MSG Systems

MSG Systems

MSG are committed to intelligent IT and industry solutions and offer independent consulting on all aspects of information security.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

ISEC7 Group

ISEC7 Group

ISEC7 Group is a global provider of mobile business services and software solutions. The company was one of the first movers in mobilising company and business processes.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

Verichains

Verichains

Verichains Lab is a pioneer and leading APAC blockchain security firm with extensive expertise in the areas of security, cryptography and core blockchain technology.

Zitec

Zitec

One of Europe's largest and most prominent full-cycle software development services companies, Zitec is the digital transformation partner to companies in the EU, UK, USA, Canada and ME.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

Tamnoon

Tamnoon

Tamnoon is the Managed Cloud Detection and Response platform that helps you turn CNAPP and CSPM alerts into action and fortify your cloud security posture.

Planisys

Planisys

Planisys is a cybersecurity leader specializing in cutting-edge DNS security and email security solutions.