Friday, March 29

Microsoft: this is how Russia uses cyber attacks to destroy the West | Digital Trends Spanish


This Wednesday, June 22, Microsoft delivered a detailed report where he gives an account of the strategies that Russia is using to attack Computer way to Ukraine and how it has used cyberattacks to undermine Western efforts.

The president of the corporation, Brad Smith, gave a short introduction to this problem:

«Defending Ukraine: Early Lessons from the Cyber ​​War. This report represents research conducted by Microsoft’s threat intelligence and data science teams with the goal of sharpening our understanding of the threat landscape in the ongoing war in Ukraine. The report also offers a series of lessons and conclusions resulting from the data collected and analyzed. In particular, the report reveals new information about Russian efforts, including an increase in network penetration and espionage activities between allied governments, nonprofits, and other organizations outside of Ukraine. This report also reveals details about Russia’s sophisticated and pervasive foreign influence operations that are used, among other things, to undermine Western unity and bolster its war efforts. We are seeing these foreign influence operations forcefully enacted in a coordinated manner along with the full range of cyberdestructive and espionage campaigns.. Finally, the report calls for a coordinated and comprehensive strategy to strengthen collective defenses, a task that will require the private sector, the public sector, non-profit organizations and civil society to come together. The foreword to this new report, written by Microsoft President and Vice President Brad Smith, provides additional details below.

Four pillars of the report against Russia:

This report offers five conclusions that come from the first four months of the war:

  • First, defense against military invasion now requires for most countries the ability to disburse and distribute digital operations and data assets across borders and across borders. Not surprisingly, Russia targeted Ukraine’s government data center in an early cruise missile attack, and other “on-premises” servers were similarly vulnerable to attack by conventional weapons. Russia also took aim at its destructive “windshield wiper” attacks on local computer networks. But Ukraine’s government has successfully sustained its civilian and military operations by moving quickly to disburse its digital infrastructure to the public cloud, where it has been housed in data centers across Europe. This has involved urgent and extraordinary steps from across the tech industry, including Microsoft. While the work of the technology sector has been vital, it is also important to think about the more lasting lessons that stem from these efforts.
  • Second, recent advances in cyber threat intelligence and endpoint protection have helped Ukraine resist a high percentage of destructive Russian cyberattacks. Because cyber activities are invisible to the naked eye, they are harder for journalists and even many military analysts to track. Microsoft has seen the Russian military launch multiple waves of destructive cyberattacks against 48 different Ukrainian agencies and companies. These have tried to penetrate network domains by initially targeting hundreds of computers and then spreading malware designed to destroy software and data on thousands of others. Russian cyber tactics in the war have differed from those deployed in the NotPetya attack on Ukraine in 2017. That attack used destructive “worm” malware that could jump from one computer domain to another and thus cross borders into other countries. . Russia has been careful in 2022 to confine destructive “windshield wiper software” to specific network domains within Ukraine itself. But the recent and ongoing destructive attacks themselves have been sophisticated and more widespread than many reports acknowledge. And the Russian military continues to adapt these destructive attacks to the changing needs of warfare, even combining cyber attacks with the use of conventional weapons.
  • Third, as a coalition of countries has come together to defend Ukraine, Russian intelligence agencies have stepped up network penetration and espionage activities targeting allied governments outside of Ukraine. At Microsoft, we have detected Russian network intrusion efforts at 128 organizations in 42 countries outside of Ukraine. While the United States has been Russia’s number one target, this activity has also prioritized Poland, where much of the logistical delivery of military and humanitarian assistance is being coordinated. Russian activities have also targeted the Baltic states, and over the last two months there has been an increase in similar activity targeting computer networks in Denmark, Norway, Finland, Sweden and Turkey. We have also seen an increase in similar activity directed at the foreign ministries of other NATO countries. Russian targets have prioritized governments, especially among NATO members. But the list of targets has also included think tanks, humanitarian organizations, IT companies, and providers of energy and other critical infrastructure. Since the beginning of the war, the Russian target we have identified has been successful 29 percent of the time. A quarter of these successful intrusions have led to the confirmed exfiltration of an organization’s data, although as the report explains, this likely underestimates the degree of Russian success.
  • Fourth, in coordination with these other cyber activities, Russian agencies are conducting global cyber influence operations to support their war efforts. These combine tactics developed by the KGB over several decades with new digital and Internet technologies to give foreign influence operations broader geographic reach, greater volume, more precise targeting, and greater speed and agility. Unfortunately, with enough planning and sophistication, these cyber influence operations are well positioned to take advantage of the longstanding openness of democratic societies and the public polarization that is characteristic of current times.

Finally, Brad Smith maintains that, “as part of a new initiative at Microsoft, we are using AI, new analysis tools, larger data sets and a growing staff of experts to track and forecast this cyber threat. Using these new capabilities, we estimate that Russian cyber influence operations successfully increased the spread of Russian propaganda after the war began by 216 percent in Ukraine and 82 percent in the United States. We will continue to expand Microsoft’s work in this field in the coming weeks and months. This includes both internal growth and through the deal we announced last week to acquire Miburo Solutions, a leading cyber threat research and analysis company specializing in detecting and responding to foreign cyber influence operations.”

Publisher Recommendations










es.digitaltrends.com