I wanted to bring some attention to this report (PDF) from Microsoft released last week. Perhaps like me you’ve read multiple statements of surprise that the Russians weren’t engaging in a more active cyberwar than they have. I think the report explains what has actually been happening.
The TL;DR version is that since the very earliest days of the Russian invasion quite a number of “destructive” cyberattacks have been launched against Ukrainian government, infrastructure, and corporate targets and these attacks show signs of coordination with “kinetic” attacks, i.e. conventional military attacks. Brave New World, indeed.
Here’s a snippet:
A day before the military invasion, operators associated with the GRU, Russia’s military intelligence service, launched destructive wiper attacks on hundreds of systems in Ukrainian government, IT, energy, and financial organizations. Since then, the activity we have observed has included attempts to destroy, disrupt, or infiltrate networks of government agencies, and a wide range of critical infrastructure organizations, which Russian military forces have in some cases targeted with ground attacks and missile strikes. These network operations have at times not only degraded the functions of the targeted organizations but sought to disrupt citizens’ access to reliable information and critical life services, and to shake confidence in the country’s leadership.
Based on Russian military goals for information warfare, these actions are likely aimed at undermining Ukraine’s political will and ability to continue the fight, while facilitating collection of intelligence that could provide tactical or strategic advantages to Russian forces. Through our engagements with customers in Ukraine, we have observed that Russia’s computer-enabled efforts have had an impact in terms of technical disruption of services and causing a chaotic information environment, but Microsoft is not able to evaluate their broader strategic impact.
It’s the best information on this subject that I have read to date.
I don’t think that their recommendations will be widely heeded, indeed, I think that most companies and government agencies are pretty reckless when it comes to computer security but that needs to change and quickly.
“I think the report explains what has actually been happening.”
Nah. I think Hillary Clinton was pulled out of retirement and sent to Moscow with a shiny new reset button. So Putin’s playing nice.
Once the plaintiff’s bar moves in, folks won’t find security expensive, time consuming and for the user, a terrible inconvenience.
https://www.wired.com/story/russia-hacked-attacks/