Defending Ukraine: Microsoft’s Early Lessons from Russia’s Cyberwar
Everyone knows about the Russian war in Ukraine, but less well known is that Russia has been engaged in a secret cyberwar against the entire world since the invasion began, spanning 128 organizations across 42 countries. Microsoft’s threat intelligence team has been on the virtual front lines, and the company has now released a 27-page white paper about its experiences, along with a corresponding blog post summarizing the key points:
- Countries need to distribute data outside their borders. Ukraine’s data centers were one of Russia’s first cruise missile targets, but Ukraine’s government quickly dispersed its operations to the public cloud, hosted in data centers across Europe.
- Cyber defenses such as advances in threat intelligence and endpoint protection have helped Ukraine mitigate many of Russia’s cyberattacks.
- Russian intelligence agencies have stepped up their efforts to penetrate the networks of countries supporting Ukraine, most notably the United States and Poland, a NATO member where much of the military and humanitarian assistance for Ukraine is being coordinated.
- Russian agencies are conducting significant propaganda operations to support the invasion, simultaneously attempting to undermine Ukrainian confidence, disrupt Western unity, and sustain support among the Russian population.
- Microsoft calls for “a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive, espionage, and influence operations.” In other words, we’re all in this together.
Perhaps most interesting is the extent to which tech giants like Microsoft are playing an active role in this conflict. Corporations are by definition part of the military-industrial complex, but given the breadth of cyberattacks, the need for tech companies to help defend their customers everywhere feels like a seismic shift. We’ve been noting examples of the tech world’s global influence for some time now; this is yet another example of how they’re approaching the power (and responsibility) of nation-states.
It is good to see Microsoft being very proactive in this. (Of course, they’re probably disproportionally responsible for the vulnerabilities…) I’m also encouraged that we’ve heard of offensive counter cyber operations from US Cyber Command: “US confirms military hackers have conducted cyber operations in support of Ukraine” (CNN Politics).
We have just merged our College with two others, forming a new university. The biggest nightmare has been the implementation of IT resources with security being the key driver.
Teaching and communication are all severely hampered if you are in any way odd, odd meaning a geek or Mac user or both.
Not just in our College, but across all government bodies after the HSE, the overall management agency running our health services, was ground to a halt by a Russian hacker group seeking a ransom. This was at the height of the pandemic. The jolt given to the state has informed all subsequent developments.
We will be looking back at the early days of the Internet, what freedoms we had, differently as this age unfolds.