Microsoft reveals Russian attack on Ukraine 2022-04-27 12:02:00


A general view of Microsoft’s headquarters in Issy-les-Moulineaux, near Paris, France, April 18, 2016. REUTERS/Charles Plateau/File Photo

Register now to get free unlimited access to

(Reuters) – Russian government hackers have carried out several cyber operations against Ukraine that appeared to support Moscow’s military attacks and online propaganda campaigns, according to Microsoft. (MSFT.O) He said in a report on Wednesday.

The reported intrusions – some of which have not previously been disclosed – suggest that hacking played a greater role in the conflict than was previously known to the public.

Researchers have found that the digital attack, which Microsoft said began one year before the Russian invasion on February 24, may have laid the groundwork for various military missions in the war-torn region.

Register now to get free unlimited access to

Microsoft said it observed between February 23 and April 8, a total of 37 devastating Russian cyber attacks inside Ukraine.

The Russian Embassy in Washington did not immediately respond with a letter seeking comment.

Experts said the findings underscore how modern warfare can combine digital and kinetic strikes.

“Russian generals and spies tried to make cyberattacks part of their war effort as they struggled on the battlefield,” said Thomas Reed, professor of strategic studies at Johns Hopkins University’s Paul Nitze School of Advanced International Studies.

Microsoft said the Russian hacking and military operations worked “in tandem with a set of common goals.” The tech company said it could not determine if this association was driven by coordinated decision-making or simply due to shared goals.

For example, a timeline published by Microsoft showed that on March 1 – the same day a Russian missile was launched at the Kyiv TV tower – the capital’s media companies were subjected to devastating hacking and cyber espionage.

In another case, the company’s cybersecurity research team recorded “suspected Russian actors” lurking in Ukraine’s critical infrastructure in the northeastern city of Sumy, two weeks before it reported widespread electricity shortages in the area on March 3.

The next day, Microsoft said, Russian hackers broke into a government network in the central Ukrainian city of Vinnytsia. Two days later, missiles destroyed the city’s airport.

Viktor Zora, a top Ukrainian cybersecurity official, said on Wednesday that he continues to see Russian cyberattacks on domestic telecoms companies and power network operators.

“I think they can organize more attacks on these sectors,” Zahra told reporters. “We shouldn’t underestimate the Russian hackers, but perhaps we shouldn’t overestimate their potential.”

He thanked Microsoft, the US government, and many European allies for their support in cybersecurity.

Since the start of the war, academics and analysts have said that Russia has appeared to be less active in cyberspace against Ukraine than expected. Microsoft’s report reveals a flurry of malicious cyber activity, although in most cases its impact was either not immediately clear or not.

Two weeks ago, the US government publicly revealed an electronic weapon, known as a pipedream, designed to damage industrial control systems. While the tool has not been attributed to Russia, it is considered extremely dangerous and its discovery coincides with the conflict in Ukraine.

Register now to get free unlimited access to

Additional reporting by Raphael Satter, Christopher Bing and James Pearson; Editing by Howard Goller

Our criteria: Thomson Reuters Trust Principles.