Microsoft says Russia has stepped up cyber espionage against the US and Ukraine allies

Microsoft says Russia has stepped up cyber espionage against the US and Ukraine allies

American organizations were the main target of Russian hacking attempts outside of Ukraine, according to Microsoft, but alleged Russian hacking has spanned 42 countries and a variety of sectors that could have valuable war-related information, from governments to think tanks. . humanitarian groups.

It is a reminder of the voracious appetite Russian cyber operators have for strategic information, as the Kremlin is more isolated on the international stage than it has been for decades.

Those hacking attempts have successfully penetrated defenses 29% of the time, according to Microsoft. Of those successful breaches, a quarter resulted in data being stolen from networks.

But measuring the “success” of Russian cyber espionage is difficult, and Microsoft said it did not have a full picture of the hack because some customers stored data on their own systems rather than in Microsoft’s cloud computing infrastructure.

CNN has reached out to the Russian embassy in Washington for comment. Moscow routinely denies allegations of hacking.

It is likely that several governments have stepped up their offensive cyber activities related to the Ukraine war as they seek information on how the fight and the global consequences of it.

Cyber ​​Command, the US military’s hacking unit, has conducted a “full spectrum” of offensive, defensive and intelligence operations in support of Ukraine, the command’s chief confirmed this month.

China has also trained some of its very capable hackers on targets related to the Ukraine war, according to cybersecurity researchers. Suspected Chinese hackers apparently tried to break into computers linked to officials in the Russian city of Blagoveshchensk, near the Chinese border, according to cybersecurity firm Secureworks.

US officials continue to study Russia’s efforts to supplement its kinetic war in Ukraine with cyber operations.

Significant alleged incidents of Russian hacking in Ukraine since the February invasion include the hacking of a satellite operator, which knocked out Internet service from tens of thousands of satellite modems as the invasion unfolded, and waves of data hacking aimed at to destabilize Ukrainian government agencies.

Ukrainian officials have also accused the Russians of routing Internet traffic in occupied parts of Ukraine through Russian Internet providers and subjecting those connections to censorship.

Some of those tactics “may become part of China’s playbook” in future attempts by Beijing to project power beyond its borders, according to Mieke Eoyang, deputy assistant secretary of defense for cyber policy.

“The cybernetic dimensions of [what Russia is trying doing in Ukraine] are incredibly important for us, especially at the Department of Defense, to understand what the playbook might be if another cyber-capable country tried to do this,” Eoyang said Tuesday at an event in Washington hosted by the Third Way think tank. .

NATO members a focus for Russian hackers

NATO, the 30-nation military alliance that includes the US, Canada and European allies, has been a particular target for Russian cyber operatives, according to the Microsoft report.

After the US, Poland, a hub for the delivery of humanitarian and military aid to Ukraine, was the NATO member most targeted by Russian hackers in recent months, Microsoft researchers found.

Prospective NATO members, and not just current ones, have had to keep an eye out for potential Russian cyberattacks. The governments of Sweden and Finland have been vigilant about Russian hacking before and after announcing their intention to join NATO in May.

For months, Swedish officials have encouraged critical infrastructure operators to lower their thresholds for reporting suspicious cyber activity to authorities, said Johan Turell, a senior analyst with the cybersecurity department at the Swedish Civil Contingencies Agency, a government organization that prepares for natural and man-made disasters. crisis

The Kremlin has warned Sweden and Finland, which share hundreds of miles of border with Russia, not to join NATO.

While Ukrainian President Volodymyr Zelensky was speaking via video conference with the Finnish parliament on April 8, a cyberattack briefly took the websites of the Finnish foreign and defense ministries offline. Websites quickly came back online. Some digital forensics specialists linked the attack, which did not cause any serious disruption, to Russia.

“We don’t know if these were patriotic Russian hackers or an entity linked more directly to [the] Russian government,” Mikko Hyppönen, a prominent Finnish cybersecurity executive, told CNN. “But I have no doubt that the attack was Russian,” he said after reviewing the technical evidence.

“If Russia is trying to scare us with these attacks, they are failing,” said Hyppönen, director of research at cybersecurity firm WithSecure.

This story has been updated with additional details.

Leave a Comment

Your email address will not be published.