Microsoft has released a new report showing how the one taking place in Ukraine is a hybrid warconeover 237 cyber attacks launched by hackers affiliated with the Kremlin. At least six pro-Russian hacker groups took the field, even with destructive blows.
Hybrid war in Ukraine, more than 237 attacks by pro-Russian hackers
The Ukrainian invasion showed how the concept of ‘war’ has changed enormously. In this conflict not only the military are participating. Both because the civilian population of Ukrainian cities has suffered very serious attacks, but also because several non-military groups are participating in the conflict. Especially with regard to the fronte cyber.
If volunteer hackers like those affiliated with Anonymous they have repeatedly been talked about on the pro-Kyiv front, even the Russian front has several supporters. Groups of cybercriminals not directly enlisted in the Kremlin armybut operating as state entities and targeting Moscow war targets.
Collaboration between hackers and the Russian military
Microsoft’s report highlights how at least six groups allied to Russia carried out hundreds of blows, which targeted Russian institutions. Often accompanying espionage and military actions, which caused enormous damage. By preventing people from reaching certain information, suspending services critical to the life of communities, attacking the life of government offices in Ukraine.
Microsoft reports the case of a cyber attack against the main Ukrainian television company of the 1 marchwhich arrived the same day the Russian military announced the missile attack on TV stations in Kyiv. The American company also links the data theft of the March 13 to the Ukrainian nuclear body with the attacks on power plants in the country. Or emails sent by hackers who do they pretended to be residents of Mariupol who complained of being abandoned by the government during the siege of the Russian army.
Attacks with military precision
Microsoft also points out that some of the hacker attacks by entities technically outside the Kremlin had precise strategic objectives. Of the 40 destructive attacks analyzed in the report, 32% directly involved Ukrainian government organizations. 40% hit organizations in critical sectors for the country’s economy and military structures.
In particular, Microsoft re-emphasizes how Russian hackers are using gods wiper malware, which delete the data making some services or structures unusable. On this front, the hackers of the named group are very active Iridium.
The hybrid war in Ukraine has been going on for over a year
In the report, Microsoft also notes that attacks by Russian hackers have started for over a year: the hybrid war has begun much earlier than the purely military conflict.
Already in March 2021 began the “pre-positioning“, Attacking Ukrainian or allied organizations, to broaden their influence in the country. Already since mid-2021 Russian cybercriminals targeted the supply chain Ukrainians and NATO allied countries. Earlier this year, the first data wiper attacks hit critical services in Ukraine.
Il Microsoft Threat Intelligence Center (MSTIC) already January 2022 he had discovered wiper attacks in dozens of Ukrainian systems. Following these incidents, he established contacts with Ukrainian cyber officers to assist in cyber detention and defense. Among these efforts, also a 24/7 control service and some technical tools.
But now Microsoft warns that the hybrid war could cross Ukraine’s borders and involve other nations. All states providing military or economic support in Kyiv they could end up in the crosshairs of hackers affiliated with the Kremlin. That it could stick with these extra-government groups without actually having to declare war.
Microsoft has alerted the American and European authorities of cybersecurity: the hybrid warfare could go global.