Microsoft: Russian cyber spying targets 42 Ukraine allies
Microsoft says “strategic espionage” by state-backed Russian hackers has targeted government agencies, think tanks, businesses and aid groups in 42 countries supporting Ukraine
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Coinciding with unrelenting cyberattacks against Ukraine, state-backed Russian hackers have engaged in “strategic espionage” against governments, think tanks, businesses and aid groups in 42 countries supporting Kyiv, Microsoft said in a report Wednesday.
“Since the start of the war, the Russian targeting (of Ukraine's allies) has been successful 29 percent of the time,” Microsoft President Brad Smith wrote, with data stolen in at least one-quarter of the successful network intrusions,
Nearly two-thirds of the cyberespionage targets involved NATO members. The United States was the prime target and Poland, the main conduit for military assistance flowing to Ukraine, was No. 2. In the past two months, Denmark, Norway, Finland, Sweden and Turkey have seen stepped-up targeting,
A striking exception is Estonia, where Microsoft said it has detected no Russian cyber intrusions since Russia invaded Ukraine on Feb. 24. The company credited Estonia's adoption of cloud computing, where it's easier to detect intruders. “Significant collective defensive weaknesses remain” among some other European governments, Microsoft said, without identifying them.
Half of the 128 organizations targeted are government agencies and 12% are nongovernmental agencies, typically think tanks or humanitarian groups, according to the 28-page report. Other targets include telecommunications, energy and defense companies.
Microsoft said Ukraine's cyber defenses “have proven stronger” overall than Russia's capabilities in “waves of destructive cyberattacks against 48 distinct Ukrainian agencies and enterprises.” Moscow's military hackers have been cautious not to unleash destructive data-destroying worms that could spread outside Ukraine, as the NotPetya virus did in 2017, the report noted.
“During the past month, as the Russian military moved to concentrate its attacks in the Donbas region, the number of destructive attacks has fallen,” according to the report, “Defending Ukraine: Early Lessons from the Cyber War.” The Redmond, Washington, company has unique insight in the domain due to the ubiquity of its software and threat detection teams.
Microsoft said Ukraine has also set an example in data safeguarding. Ukraine went from storing its data locally on servers in government buildings a week before the Russian invasion — making them vulnerable to aerial attack — to dispersing that data in the cloud, hosted in data centers across Europe.
The report also assessed Russian disinformation and propaganda aimed at “undermining Western unity and deflecting criticism of Russian military war crimes” and wooing people in nonaligned countries.
Using artificial intelligence tools, Microsoft said, it estimated "Russian cyber influence operations successfully increased the spread of Russian propaganda after the war began by 216 percent in Ukraine and 82 percent in the United States.”