Russia Escalates Spying On Ukraine’s Allies

Uploaded on 2022-06-27 in INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE--International, FREE TO VIEW

Russian state-backed hackers have conducted network spying and espionage activities against 128 organisations in 42 countries allied to Ukraine since the start of the war, according to Microsoft in it’s new findings published Wednesday 22nd of June.

Defending Ukraine: Early Lessons from the Cyber War is the report conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine.

“Microsoft has seen the Russian military launch multiple waves of destructive cyber-attacks against 48 distinct Ukrainian agencies and enterprises,” Brad Smith, the President and Vice Chair of Microsoft, said. “These have sought to penetrate network domains by initially comprising hundreds of computers and then spreading malware designed to destroy the software and data on thousands of others... Since the start of the war, the Russian targeting (of Ukraine’s allies) has been successful 29 percent of the time.”  

NATO is currently a focused target for Russia' computer operatives, according to the Microsoft report. 

American organisations are high on the list for the Russian hacking attacksoutside of Ukraine, according to Microsoft, but these Russian hacks include 42 countries which might have potential war information such as governments, firms, think tanks and humanitarian organisations. 

Those hacking attempts have successfully penetrated defenses 29% of the time, according to Microsoft. Of those successful breaches, a quarter resulted in data stolen from networks.  But Microsoft said it didn't have a full view of the hacking because some customers stored data on their own systems rather than in Microsoft's cloud computing infrastructure.

US Cyber Command, the military's hacking unit, has conducted a "full spectrum" of offensive, defensive and information operations in support of Ukraine and China has employed and trained some highly effective hackers on targets related to the Ukraine war, according to cyber security researchers. Furthermore, Suspected Chinese hackers appeared to try to break into computers linked to officials in the Russian city of Blagoveshchensk, near the Chinese border, according to Secureworks

Ukrainian officials have also accused the Russians of routing Internet traffic in parts of Ukraine through Russian Internet providers and subjecting those connections to censorship. 

Background 

The recorded history of every war typically includes an account of the first shots fired and who witnessed them. Each account provides a glimpse not just into the start of a war, but the nature of the era in which people lived. Historians who discuss the first shots in America’s Civil War in 1861 typically describe guns, cannons, and sailing ships around a fort near Charleston, South Carolina.

Events spiraled toward the launch of World War I in 1914 when terrorists in plain view on a city street in Sarajevo used grenades and a pistol to assassinate the archduke of the Austrian-Hungarian Empire. It would take until the Nuremberg war trials to fully understand what happened near the Polish border 25 years later. In 1939, Nazi SS troops dressed in Polish uniforms and staged an attack against a German radio station. Adolf Hitler cited such attacks to justify a blitzkrieg invasion that combined tanks, planes, and troops to overrun Polish cities and civilians.  Each of these incidents also provides an account of the technology of the time, technology that would play a role in the war that ensued and the lives of the people who lived through it. 

The war in Ukraine has a pattern and as the Russian army crossed the Ukrainian border on February 24th. However, the first shots were in fact fired a day earlier. They involved a cyber weapon called “Foxblade” that was launched against critical computer networks in Ukraine.

Reflecting the technology of our time, those among the first to observe the attack were half a world away, working in the United States.  This captures the importance of stepping back and taking stock of the first several months of the war in Ukraine, which has been devastating for the country in terms of destruction and loss of life, including innocent civilians.

Microsoft:       Secure Works:        Infosecurity Magazine:     CNN:      Reuters:     US News:     NBC

You Might Also Read: 

Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine:

« US Bank Loses Critical Data Of Over A Million Customers - Again
Cyber Security Tools For Your Small Business »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

Messageware

Messageware

Messageware is the market leader in securing, enhancing, and customizing Microsoft Exchange and Outlook Web App.

Anomali

Anomali

Anomali delivers intelligence-driven cybersecurity solutions to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation.

Centre for the Protection of National Infrastructure (CPNI) - UK

Centre for the Protection of National Infrastructure (CPNI) - UK

CPNI works with the National Cyber Security Centre (NCSC), Cabinet Office and lead Government departments and agencies to drive forward the UK's cyber security programme to counter cyber threats.

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

La Fosse Associates

La Fosse Associates

The InfoSec Recruitment team at La Fosse Associates specialises in placing Information Security & Risk professionals on a permanent and contract basis.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

NTIC Cyber Center - USA

NTIC Cyber Center - USA

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

CyberNews

CyberNews

Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

HiScout

HiScout

HiScout is your integrated management system for IT governance, risk & compliance.

QAlified

QAlified

QAlified offer independent testing and quality assurance services for software projects including security testing.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Boecore

Boecore

Boecore is an aerospace and defense engineering company that specializes in software solutions, systems engineering, cybersecurity, enterprise networks, and mission operations.

Actfore

Actfore

Actfore offers advanced AI/ML-powered data mining solutions to swiftly detect and uncover sensitive information compromised in cyber breaches.