Microsoft sees Russian cyberattacks on Ukraine 'getting more and more disruptive'

By Briana Reilly / May 2, 2022 at 1:46 PM

In the days after Microsoft revealed it has identified more than 237 cyberattacks perpetuated by Russian actors in Ukraine alone over the course of the invasion, the company's executive vice president of strategic missions and technologies said today the operations are "only getting more and more disruptive."

The company first disclosed its understanding of the scope of Russia’s offensive cyber activity in a report released April 27, which shows those cyberattacks appear to be linked with kinetic military action on the ground, with both seeming to work “in tandem against a shared target set.”

Specifically, during the period spanning from the day before the Feb. 24 invasion through April 8, Microsoft reported it observed 37 destructive attacks aimed at “hundreds of systems.” Nearly one-third of those were directed at Ukrainian governmental organizations, according to the report, while more than 40% focused on “critical infrastructure sectors.”

But the report found that threat groups began targeting organizations inside or allied with Ukraine long before that -- as early as March 2021.

To counter those actors, Microsoft’s Jason Zander told an audience at the company’s National Security Symposium this morning in Washington, DC that executives have been working with both the Ukrainian government and cybersecurity officials to share “real time threat intelligence,” while “deploying tech countermeasures.”

The findings come as officials -- including Air Force Maj. Gen. Kevin Kennedy, U.S. Cyber Command’s director of operations -- have openly acknowledged that Russia’s cyber deployment has appeared less robust than initially anticipated.

During the TechNet Cyber conference in Baltimore, MD last week, Kennedy cautioned there could be a “more complex” set of reasons for that: “a conflation of intent, increased resilience, lack of capability, lack of will and then also failure of execution, like most operations when you look at them if they didn’t go the way you expected.”

At Microsoft, CEO Satya Nadella noted during a separate address today the company has been “on the front lines” in Ukraine, coordinating with both that country’s government and U.S. officials in the cyber defense realm.

“Long before you had the bombs dropped, you had cyberattacks and we were able to sense it and then we were able to help protect critical infrastructure,” he said.

Nadella also noted Microsoft has been “heavily involved in essentially migrating the entire Ukrainian government to be operating off of our cloud infrastructure all over Europe.”