A Ukrainian flag flies at the destroyed bridge crossing the Irpin River from the town of Irpin, Ukraine, on Friday, April 22. Microsoft said Wednesday that Ukraine has been hit with cyberattacks that coincide with the Russian ground invasion. Photo by Ken Cedeno/UPI |
License Photo
April 28 (UPI) -- U.S. technology giant Microsoft said it has observed Russia-aligned hackers conducting cyberattacks against Ukraine in concert with the Kremlin's military invasion of the Eastern European country.
In a report published Wednesday, Microsoft said it has document at least 237 operations conducted by at least six Russia-connected threat actors going back months before Moscow invaded Ukraine on Feb. 24.
Tom Burt, corporate vice president for Customer Security & Trust at Microsoft, said in a statement accompanying the report that the intrusions appear to be "strongly correlated and sometimes directly timed" with military operations on the ground in Ukraine.
On March 1, as Russia launched an offensive against Ukrainian media with a missile strike hitting a Kyiv TV tower, Microsoft said it observed cyberattacks targeting a major broadcasting company.
Hackers also stole data from a nuclear safety organization as the Russian military was capturing nuclear power plants. And amid Russian forces bombarding the southeastern Ukrainian city of Mariupol, Ukrainians were emailed false accusations from a Russian actor disguised as a resident of the besieged city claiming Kyiv had abandoned them.
The report states that the cyberefforts go back to as early as March of last year when they were launched in an attempt to gain a foothold in Ukrainian systems. By the middle of last year, the actors started targeting Ukraine's supply chain vendors and sought access to the systems of NATO member states.
Then early this year amid rising tensions between Europe and Russia and failed attempts to de-escalate the situation as Kremlin forces moved toward the border, actors launched a malware attack to wipe the systems of Ukrainian organizations.
"Since the Russian invasion of Ukraine began, Russian cyberattacks have been deployed to support the military's strategic and tactical objectives," Burt said. "It's likely the attacks we've observed are only a fraction of activity targeting Ukraine."
The report states that the intrusions, which have also been accompanied by broad espionage and intelligence activities, include threats that are ongoing and threaten civilian welfare.
"The attacks have not only degraded the systems of institutions in Ukraine but have also sought to disrupt people's access to reliable information and critical life services on which civilians depend, and have attempted to shake confidence in the country's leadership," Burt further explained.
Of destructive attacks observed by Microsoft between Feb. 23 and April 8, nearly 40 permanently destroyed files on hundreds of systems across dozens of organizations in Ukraine.
More than 40% of the destructive attacks targeted organizations in critical infrastructure sectors and could negative affect the military, economy, government and the Ukrainian public, it said, with 32% affecting national, regional and city-level organizations.
As the war continues, Microsoft predicts the cyberattacks will intensify and as ally nations provide Ukraine with military assistance their probability of becoming targets grows.
The report states that the actors active in Ukraine are "also showing interest in or conducing operations" against organizations in the Baltics, Turkey and all eastern flank NATO-member states that are supporting Ukraine.
Ukrainian service members stand beside a damaged building in a residential area after shelling in Kyiv, Ukraine, on March 18. Photo by Vladyslav Musiienko/UPI |
License Photo