Microsoft has published a new report detailing a series of cyberattacks launched by Russia against critical infrastructure operators in Ukraine.
Although the company didn’t explicitly connect the cyberattacks to the war in Ukraine, it did say that both military and cyber attackers “share the same goal”, Reuters reports. In many cases, it would seem, cyberattacks “laid the groundwork” for military operations.
While cyber warfare began a year before the military invasion, the volume of attacks has increased over the last three months.
Shared targets
Since February 23, a total of 37 Russian cyberattacks against key Ukrainian targets have been observed, Microsoft said.
“Russian generals and spies have tried to make cyberattacks part of their war effort while they’ve struggled on the battlefield,” Thomas Rid, a professor of Strategic Studies at Johns Hopkins University, told Reuters.
In one example, Russian hackers attacked media companies in Ukraine, on the same day that missiles struck Kyiv’s TV tower. And in another instance, “suspected Russian actors” were spotted lurking in Ukrainian critical infrastructure endpoints in Sumy, two weeks before power went out in the region.
Victor Zhora, a top Ukrainian cybersecurity official, said he expects more Russian attacks against critical infrastructure.
“I believe that they can organize more attacks on these sectors,” Zhora told reporters. “We shouldn’t underestimate Russian hackers but we probably should not over-estimate their potential.”
Even some commercially-driven threat actors have joined the war effort. Conti, for example, a known Russian-based ransomware operator, declared its support for the invasion, which prompted Ukrainian hackers to leak private Conti chats, and even ransomware source code.
Via Reuters