Coinciding with the relentless cyberattack against Ukraine, state-backed Russian hackers conducted “strategic espionage” against governments, think tanks, businesses and aid groups in 42 countries supporting Kyiv, Microsoft said in a report on Wednesday.
“Russia has had a 29 percent target success rate (against Ukrainian allies) since the war began,” Microsoft President Brad Smith wrote of at least a quarter of successful cyber intrusions Data is stolen.
“As a coalition of nations unites to defend Ukraine, Russian intelligence services intensify cyber infiltration and espionage against allied governments outside Ukraine,” Smith said.
Nearly two-thirds of cyber espionage targets involve NATO members. The US is the primary target, while Poland, the main channel of military aid to Ukraine, is the secondary target. Targets have strengthened in Denmark, Norway, Finland, Sweden and Turkey over the past two months.
One notable exception is Estonia, where Microsoft said it had not detected a Russian cyber intrusion since Russia invaded Ukraine on February 24. The company credits Estonia for adopting cloud computing, where intruders are easier to detect. Some other European governments “still have significant collective defense weaknesses,” Microsoft said, without specifying them.
According to the 28-page report, half of the 128 organizations targeted are government agencies and 12 percent are non-government agencies, usually think tanks or humanitarian groups. Other targets include telecommunications, energy and defense companies.
Microsoft said Ukraine’s cyber defenses “have proven” overall to be more capable than Russia’s “waves of disruptive cyberattacks against 48 different Ukrainian institutions and businesses.” Military hackers in Moscow have been careful not to unleash a devastating data-destroying worm that could spread outside Ukraine, as in 2017’s NotPetya virus, the report noted.
“The number of destructive attacks has dropped over the past month as Russian forces have concentrated their attacks on the Donbas region,” the report, titled ” Defending Ukraine: Early Lessons from the Cyber War. The Redmond, Washington-based company has unique insight in the field thanks to the ubiquity of its software and threat detection teams.
Microsoft said Ukraine has also set an example when it comes to data protection. Ukraine went from storing its data locally on servers in government buildings a week before the Russian invasion — making them vulnerable to airstrikes — to having that data scattered in the cloud, hosted in data centers across Europe.
The report also assesses Russia’s disinformation and propaganda aimed at “undermining Western unity and deflecting criticism of Russia’s military war crimes” and attracting people in non-aligned countries.
Using artificial intelligence tools, Microsoft said it estimated that “Russian cyber-influence operations successfully expanded Russian propaganda by 216 percent in Ukraine and 82 percent in the United States.”