Russia launched cyber espionage campaigns against Ukraine allies: Microsoft

Madeline Monroe/Greg Nash
Madeline Monroe/Greg Nash

Russia has levied dozens of cyber espionage campaigns in 42 countries since it invaded Ukraine in February, according to a new Microsoft report.

The report says those efforts have targeted entities across six continents and primarily focused on NATO allies and groups supporting Ukraine.

“The Russian invasion relies in part on a cyber strategy that includes at least three distinct and sometimes coordinated efforts – destructive cyberattacks within Ukraine, network penetration and espionage outside Ukraine and cyber influence operations targeting people around the world,” Microsoft President Brad Smith said in the report. The tech giant previously detailed Russian cyber operations against Ukraine itself during the invasion in April.

Sixty-three percent of the observed Russian activity in the 42 countries beyond Ukraine targeted NATO members, according to the new report. The United States has been Russia’s top target, but the company also noted a large amount of activity in Poland — which borders Ukraine and has provided significant military and humanitarian assistance to the country — as well as the Baltic states.

Microsoft also highlighted an increase in targeting against networks in countries such as Finland and Sweden, which have recently applied for NATO membership, and Turkey, which has raised opposition to those bids.

Nearly half of the observed activity targeted governments, and another 12 percent focused on nongovernmental organization advising Ukraine on foreign policy or those providing humanitarian aid.

Russia’s other attacks targeted IT companies, the energy sector and defense entities, according to the report.

But those attacks were often fended off by organizations’ cyber defenses. Just 29 percent of identified Russian efforts were successful, and a quarter of those incidents led to confirmed exfiltration of the organization’s data, Microsoft said.

The tech giant argued the attacks call for additional investments in cyber defenses.

“The lessons from Ukraine call for a coordinated and comprehensive strategy to strengthen defenses against the full range of cyber destructive, espionage and influence operations,” Smith said.

The report also documents how Russia’s cyber operations are disseminating its propaganda. Russian President Vladimir Putin has framed the Ukrainian invasion as a “special military operation” and has cracked down on dissenters to the war.

Microsoft concluded that Russian cyber influence increased the spread of the country’s propaganda by 216 percent in Ukraine and 82 percent in the United States since the war began.

The tech giant said those efforts target Russians to sustain domestic support for the war effort, Ukrainians to undermine confidence in the country’s abilities, Americans and Europeans to undermine Western unity against Russia, and people in nonaligned countries to sustain Russia’s support in international bodies.

“Unfortunately, especially when pursued with patience and persistence, these cyber influence operations are almost perfectly positioned to take advantage of the longstanding openness of democratic societies and the public polarization that is characteristic of current times,” the report stated.

The Russian Embassy in Washington did not immediately return a request for comment.

Tags Brad Smith cyberattacks cybersecurity Finland Microsoft Microsoft Russia Russia-Ukraine conflict Russia-Ukraine war Turkey

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

See all Hill.TV See all Video

Most Popular

Load more


See all Video