Russia Escalates Spying On Ukraine’s Allies

Russian state-backed hackers have conducted network spying and espionage activities against 128 organisations in 42 countries allied to Ukraine since the start of the war, according to Microsoft in it’s new findings published Wednesday 22nd of June.

Defending Ukraine: Early Lessons from the Cyber War is the report conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine.

“Microsoft has seen the Russian military launch multiple waves of destructive cyber-attacks against 48 distinct Ukrainian agencies and enterprises,” Brad Smith, the President and Vice Chair of Microsoft, said. “These have sought to penetrate network domains by initially comprising hundreds of computers and then spreading malware designed to destroy the software and data on thousands of others... Since the start of the war, the Russian targeting (of Ukraine’s allies) has been successful 29 percent of the time.”  

NATO is currently a focused target for Russia' computer operatives, according to the Microsoft report. 

American organisations are high on the list for the Russian hacking attacksoutside of Ukraine, according to Microsoft, but these Russian hacks include 42 countries which might have potential war information such as governments, firms, think tanks and humanitarian organisations. 

Those hacking attempts have successfully penetrated defenses 29% of the time, according to Microsoft. Of those successful breaches, a quarter resulted in data stolen from networks.  But Microsoft said it didn't have a full view of the hacking because some customers stored data on their own systems rather than in Microsoft's cloud computing infrastructure.

US Cyber Command, the military's hacking unit, has conducted a "full spectrum" of offensive, defensive and information operations in support of Ukraine and China has employed and trained some highly effective hackers on targets related to the Ukraine war, according to cyber security researchers. Furthermore, Suspected Chinese hackers appeared to try to break into computers linked to officials in the Russian city of Blagoveshchensk, near the Chinese border, according to Secureworks

Ukrainian officials have also accused the Russians of routing Internet traffic in parts of Ukraine through Russian Internet providers and subjecting those connections to censorship. 

Background 

The recorded history of every war typically includes an account of the first shots fired and who witnessed them. Each account provides a glimpse not just into the start of a war, but the nature of the era in which people lived. Historians who discuss the first shots in America’s Civil War in 1861 typically describe guns, cannons, and sailing ships around a fort near Charleston, South Carolina.

Events spiraled toward the launch of World War I in 1914 when terrorists in plain view on a city street in Sarajevo used grenades and a pistol to assassinate the archduke of the Austrian-Hungarian Empire. It would take until the Nuremberg war trials to fully understand what happened near the Polish border 25 years later. In 1939, Nazi SS troops dressed in Polish uniforms and staged an attack against a German radio station. Adolf Hitler cited such attacks to justify a blitzkrieg invasion that combined tanks, planes, and troops to overrun Polish cities and civilians.  Each of these incidents also provides an account of the technology of the time, technology that would play a role in the war that ensued and the lives of the people who lived through it. 

The war in Ukraine has a pattern and as the Russian army crossed the Ukrainian border on February 24th. However, the first shots were in fact fired a day earlier. They involved a cyber weapon called “Foxblade” that was launched against critical computer networks in Ukraine.

Reflecting the technology of our time, those among the first to observe the attack were half a world away, working in the United States.  This captures the importance of stepping back and taking stock of the first several months of the war in Ukraine, which has been devastating for the country in terms of destruction and loss of life, including innocent civilians.

Microsoft:       Secure Works:        Infosecurity Magazine:     CNN:      Reuters:     US News:     NBC

You Might Also Read: 

Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine:

« US Bank Loses Critical Data Of Over A Million Customers - Again
Cyber Security Tools For Your Small Business »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

ProfitBricks

ProfitBricks

ProfitBricks is a secure cloud computing infrastructure-as-a-service (IaaS) solution.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Junglemap

Junglemap

Junglemap provide nanolearning training courses on ransomware, information security and GDPR.

SoftLock

SoftLock

Softlock is a regional leader in Information Security providing solutions, consulting, integration and testing services to protect information assets, identities and supporting infrastructure.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

TwoThreeFour

TwoThreeFour

ThreeTwoFour provide tailored cyber security solutions, delivered by highly-skilled, experienced consultants who respond to the real needs of you and your business.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Trusted Cyber Solutions

Trusted Cyber Solutions

Trusted Cyber Solutions is an independent Cyber Security and Risk Management consultancy.

Cornami

Cornami

Cornami delivers real-time computing on encrypted data sets, which is vital for data privacy and cloud security.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.

SecurWeave

SecurWeave

SecurWeave's Configurable Hardware Enforced Safety and Security (CHESS) platform has been designed to meet the security and safety criticality needs of the evolving digital industry.