Microsoft uncovers extensive Russian cyber operations in Ukraine

Ines Kagubare
·2 min read

Microsoft released a report on Wednesday detailing how Russian-backed hackers unleashed a series of cyber operations against Ukraine as early as March 2021.

According to the report, at least six separate Russian-backed hacking groups have launched more than 200 cyber operations against Ukraine, including destructive attacks that have threatened civilian welfare. The report also found that the hackers engaged in a broad range of espionage and intelligence activities.

Microsoft found nearly 40 destructive attacks, 32 percent of which directly targeted Ukrainian government organizations while 40 percent were aimed at critical sectors.

“The attacks have not only degraded the systems of institutions in Ukraine but have also sought to disrupt people’s access to reliable information and critical life services on which civilians depend, and have attempted to shake confidence in the country’s leadership,” said Tom Burt, a Microsoft vice president, in a blog post.

The report comes as the war in Ukraine intensifies and the number of military and civilian casualties rises. Russia announced on Wednesday that it was ceasing its natural gas shipments to Poland and Bulgaria in response to Western sanctions.

The Microsoft report found that the cyberattacks were strongly tied and sometimes directly timed with the kinetic military operations on the ground targeting Ukrainian services and institutions. For instance, cyberattacks were launched against a major broadcasting company on March 1, on the same day the Russian military directed a missile strike against a TV tower in Kyiv.

The tech company also said Russian cyber operations began as early as March 2021, with the hackers attempting to “gain a larger foothold into Ukrainian systems.” The hackers also tried to gain access to the systems of NATO member states, it said.

The report concluded that “it’s likely the attacks we’ve observed are only a fraction of activity targeting Ukraine.”

This is the second time this month that Microsoft has released findings related to Russian cyberattacks amid the war. In early April, the tech giant said it disrupted cyberattacks intended to target Ukraine and organizations in the United States and the European Union.

Microsoft alleged that a Russian hacking group called Strontium was aiming at Ukrainian media organizations as well as foreign policy-related institutions in the U.S. and the EU.

The Russian embassy in Washington did not immediately respond to a request for comment.

For the latest news, weather, sports, and streaming video, head to The Hill.