5 December 2022

Microsoft: Russia combines missile and cyberattacks in Ukraine


Microsoft: Russia combines missile and cyberattacks in Ukraine

Russia has intensified its multi-pronged hybrid technology approach, which includes both kinetic military operations and cyberattacks on Ukrainian civilian infrastructure to pressure the sources of Kyiv’s military and political support, Microsoft has warned in a new report.

In recent months threat actors working on behalf of the Russian government have targeted energy, water, and other critical infrastructure organizations in Ukraine with data wiping malware as missile strikes disrupted power and water supplies to civilians across the country. Moreover, the terrorist state’s cyber operations have spilled beyond Ukraine, as the recent series of Prestige ransomware attacks have shown. Microsoft has attributed this campaign to a threat cluster tracked as Iridium (DEV-0960) that shares overlaps with the well-known Russia-linked threat actor Sandworm.

“We believe these recent trends suggest that the world should be prepared for several lines of potential Russian attack in the digital domain over the course of this winter. First, we can expect a continuation of Russia’s cyber offensive against Ukrainian critical infrastructure,” Microsoft said. “We should also be prepared for the possibility that Russian military intelligence actors’ recent execution of a ransomware-style attack—known as Prestige—in Poland may be a harbinger of Russia further extending cyberattacks beyond the borders of Ukraine. Such cyber operations may target those countries and companies that are providing Ukraine with vital supply chains of aid and weaponry this winter.”

The tech giant has also warned that parallel with cyber threat activity Russia would likely conduct cyber-enabled influence operations targeting Europe to undermine military and humanitarian assistance to Ukraine.

“In the coming months, European nations will likely be subjected to a range of influence techniques tailored to their populations’ concerns about energy prices and inflation more broadly. Russia has and will likely continue to focus these campaigns on Germany, a country critical for maintaining Europe’s unity and home to a large Russian diaspora, seeking to nudge popular and elite consensus toward a path favorable to the Kremlin,” the company said.

 

Back to the list

Latest Posts

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

Russia-linked Nodaria APT adds new Graphiron infostealer to its toolkit

The new infostealer was observed in attacks targeting Ukrainian organizations.
8 February 2023
CISA releases tool to recover encrypted VMware ESXi servers

CISA releases tool to recover encrypted VMware ESXi servers

According to CISA’s list of bitcoin addresses, over 2,800 ESXi servers have been encrypted to date.
8 February 2023
Threat actors target Ukrainian government agencies with Remcos spyware

Threat actors target Ukrainian government agencies with Remcos spyware

The attack involves a phishing email ostensibly sent by Ukrtelecom, a major Ukrainian internet service provider.
8 February 2023