Microsoft reports that more than 200 cyberattacks carried out against Ukraine since the Russian invasion were committed by only six people

Since around February 24, 2022, when Russia's invasion of Ukraine began in earnest,

multiple cyber attacks on Ukraine have been reported , and the relationship between Russia and attackers conducting cyber attacks continues to be pointed out. Meanwhile, Microsoft has released a report on Russia's cyber attacks on Ukraine.

The hybrid war in Ukraine --Microsoft On the Issues

Microsoft says Russia hit Ukraine with hundreds of cyberattacks

According to Microsoft, at least six Russian government officials have repeatedly launched more than 237 cyberattacks on Ukraine shortly before Russia's invasion of Ukraine began. This cyberattack also includes ongoing sabotage and attacks that threaten private welfare facilities.

Microsoft's '237 cyber attacks' also included extensive espionage and intelligence activities, which Microsoft said 'these attacks not only exacerbated the situation in Ukraine, but also depended on civilians. It has also led to obstruction of access to reliable sources and important living services. It can be inferred that these attacks undermine confidence in the leadership of the Ukrainian government. ' In addition to this, 'limited espionage and disinformation activities' not only to Ukraine but also to NATO member countries have been detected.

According to Microsoft, Russia's cyberattacks since the invasion of Ukraine are strongly correlated with military operations focused on services and institutions that are important to civilians, and were done in perfect timing with the military operations. It seems that there was also. One example is the cyberattack launched by a Russian attacker on March 1, 2022 against a major broadcaster. On the same day that the cyberattack was carried out, Russian troops announced that they would 'destroy a facility that disinformation in Ukraine' and launched a missile attack on the television tower in Kieu. Also, on March 13, a few weeks after Russian troops took control of the Chernobyl nuclear power plant, another attacker stole data from a server of the Ukrainian nuclear safety organization.

Nearly 40 of the cyberattacks detected by Microsoft are related to physical destruction attacks, and these attacks are targeted at hundreds of systems. Of the cyber attacks associated with this physical destructive attack, 32% directly target Ukrainian government-related organizations at the national, regional and urban levels, and more than 40% adversely affect the Ukrainian government, the military, the economy and civilians. It was aimed at organizations related to the important infrastructure that could be given.

Attackers involved in these attacks attempt to infiltrate the IT equipment of the target organization by methods such as 'infringement of IT service providers by using vulnerabilities such as

phishing and unpatched'. pattern. Also, these attackers often make changes to the malware they use to avoid being detected.

In addition, Russian attackers have been preparing for a cyberattack on Ukraine since around March 2021, frequently cyberattacking organizations within Ukraine and those belonging to Ukrainian allies to gain a foothold in the Ukrainian system. Microsoft reports that it has done so. Also, when Russia began to invade Ukraine, Russian attackers found evidence of cyber attacks on Ukrainian military partners and others, Microsoft said.

It was also confirmed that by mid-2021, Russian attackers had repeatedly targeted cyberattacks targeting Ukrainian and overseas supply chain vendors to secure access not only to Ukraine but also to NATO member countries. I am. When Russia deployed its armaments along the Ukrainian border in early 2022, attackers launched a cyberattack on Ukrainian organizations with wiper-type malware. Cyber attacks by wiper-type malware are closely related to attacks by Russian troops and have been detected multiple times since Russia's invasion of Ukraine, but Microsoft said, 'The cyber attacks we detected were targeted at Ukraine. It may be just one part of a cyberattack, 'suggests the existence of previously undetected cyberattacks.'

Wiper-type malware 'Caddy Wiper' that completely destroys data is found in Ukraine, this is the third from just before the Russian invasion --GIGAZINE

According to Microsoft, the company's security team has worked closely with Ukrainian government officials, agencies and private-sector cybersecurity staff to identify and address cyberattacks that have been carried out against Ukraine. .. In January 2022, the Microsoft Threat Intelligence Center, which is responsible for investigating cyber attacks within Microsoft, detected a wiper-type network on the Ukrainian network and submitted a report summarizing warnings and findings to the Ukrainian government. .. Since then, Microsoft has worked with major Ukrainian internet-related companies to establish a secure communication line that can be used in the country. As a result, the Ukrainian government, companies, and organizations have succeeded in building an environment where they can use the Internet while protecting themselves from cyber attacks.

Microsoft said, 'Given the trends of Russian attackers so far, cyber attacks on Ukraine are expected to escalate as the war between Russia and Ukraine intensifies. Russian government-related attackers said It may be responsible for retaliation against countries that are strengthening their military support to Ukraine and those that have decided to take more disciplinary measures against the Russian government. ' It suggests that cyber attacks on the countries that support Ukraine may intensify.

Microsoft is not the only country that has dealt with Russia's cyber attacks on Ukraine. It is reported that a top secret team led by the U.S. government has been conducting operations to protect Ukraine's cybersecurity long before Russia's invasion of Ukraine, which has helped more than one million Ukrainian citizens. increase.

It is clear that the United States was conducting a top secret mission for cyber defense of Ukraine before the invasion of Russia, and it has already saved the lives of 1 million people --GIGAZINE

in Security, Posted by logu_ii