A hybrid war is being waged in Ukraine, military operations followed by hundreds of cyber attacks on Ukraine

Microsoft announced that six hacker groups supported by Russia carried out more than 237 cyber attacks on Ukraine, and that the attacks began weeks before the beginning of the invasion of Ukraine on February 24.

Microsoft has announced report which describes in detail how Russian cyber attacks on Ukraine were “strongly correlated” or “directly timed” with its military operations in the country.

For example, on March 1, several Kiev-based media companies were hit by destructive malware and information theft malware, which coincided with a rocket attack on a TV tower in Kiev on the same day.

Then, on March 13, Russian hackers backed by the state stole data from the Nuclear Security Organization, at a time when Russian troops occupied the Chernobyl nuclear power plant and the Zaporozhye nuclear power plant.

Microsoft also analyzed the use of destructive malware during and before the invasion, the first of which the company discovered in mid-January called WhisperGate. The combination of cyber and military attacks points to Russia’s hybrid warfare strategy, according to Microsoft.

“Russia’s use of cyber attacks appears to be strongly correlated and sometimes directly timed with its kinetic military operations targeting services and institutions crucial to civilians,” said Tom Bert, vice president of corporate security and trust.

According to the report, the day before the Russian army invaded Ukraine, hackers linked to the GRU, Russia’s military intelligence service, launched destructive attacks on hundreds of systems in the Ukrainian government, IT, energy and financial organizations.

Microsoft has discovered 37 destructive attacks on Ukraine between February 24 and April 8 using eight known malware, including FoxBlade, discovered by Microsoft in February, FiberLake, IsaacWiper / HermeticWiper / SonicVote and CaddyWiper, as well as Industroyer2, which targets industrial control systems (ICS). In many cases, malware used SecureDelete to delete data.

Two weeks ago, the American government warned about a suspicious Russian malware called Pipedream, which was adapted to endanger the ICS equipment of several manufacturers. Earlier this month, Ukrainian officials also said they had stopped a cyber attack on an energy facility that could cut off electricity to the homes of two million people.

“More than 40% of destructive attacks have targeted organizations in critical infrastructure sectors that could have negative effects on government, the military, the economy and the people,” says Microsoft.

In addition, 32% of attacks affected government organizations at the national, regional and city levels.

The three main Russian military agencies mentioned by Microsoft in the report are the GRU, the SVR (Russian Foreign Intelligence Service) and the FSB (Federal Security Service).

The main methods for the initial approach were phishingexploiting unpatched vulnerabilities and compromising IT service providers.

Microsoft says that Russian cyber attacks “functioned in tandem” against the goals of military activities. “Occasionally, attacks on a computer network immediately preceded a military attack, but these cases were rare from our perspective. “Cyber ​​operations so far have been in line with actions to degrade, disrupt or discredit the Ukrainian government, military and economic functions, provide a foothold in critical infrastructure and reduce access to information for the Ukrainian public,” said Microsoft.

After Microsoft discovered WhisperGate, it established a secure line of communication with Ukrainian officials and has since provided support to Ukrainian authorities.

Ahead of the invasion, Microsoft also noted that Russian cyber attacks are getting stronger and usually intensify after diplomatic failures.

“Given that Russian actors are reflecting and intensifying military actions, we believe that cyber attacks will continue to escalate as the conflict erupts,” Bert said, adding that Russian hackers could be tasked with expanding their destructive actions outside Ukraine to retaliate. who decide to provide more military assistance to Ukraine. He expressed the view that more punitive measures should be taken against the Russian government in response to the continuation of the aggression.



Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!