Study says many Russian cyberattacks failed in early months of Ukraine war

WASHINGTON — A new examination of how Russia used its cyber capabilities in the early months of the war in Ukraine contains a number of surprises: Moscow launched more cyberattacks than expected at the time to bolster its conquest, but more than two-thirds of them failed, echoing its poor performance on the physical battlefield. .

However, the study, Posted by Microsoft on WednesdayHe noted that President Vladimir Putin’s government was more successful than many expected in its disinformation campaign to establish a narrative about the war in Russia’s favour, including proving that the United States was secretly producing biological weapons inside Ukraine.

The report is the latest effort by many groups, including US intelligence agencies, to understand the interaction of brutal physical warfare with parallel – and often coordinated – conflict in cyberspace. She noted that Ukraine was well prepared to repel cyber attacks, having suffered from them for many years. That was at least in part due to the well-established warning system from private sector companies, including Microsoft and Google, and preparations that included moving many of Ukraine’s most important systems to the cloud, on servers outside of Ukraine.

An account of Russian cyberattacks and disinformation campaigns showed that only 29 percent of the attacks breached the targeted networks — in Ukraine, the United States, Poland and the Baltic states. But it does point to more successful efforts underway to control information warfare, with Russia blaming Washington and Kiev for starting the conflict now raging in eastern and southern Ukraine.

The war is the first large-scale battle in which conventional and electronic weapons are used side by side, and the race continues to explore the never before seen dynamic between the two. So far, very little of this dynamic has developed as expected.

See also  Russia tightens restrictions in the occupied regions of Ukraine: live news

At first, analysts and government officials were struck by the absence of crippling Russian attacks on Ukraine’s power grid and communications systems. In April, Chris Inglis, President Biden’s national electronic director, said the “immediate question” was why Russia did not “play a very important electronic game, at least against NATO and the United States.” He speculated that the Russians believed they were on their way to a quick victory in February but were “distracted” when the war effort encountered obstacles.

The Microsoft report said that Russia attempted a major cyber attack on February 23, the day before the physical invasion. This attack, using malware called FoxBlade, was an attempt to use a “wiper” program that erased data on government networks. At about the same time, Russia attacked the Vyasat satellite communications network, hoping to cripple the Ukrainian army.

“we “They were, I think, among the first to see the first shots fired on February 23,” said Brad Smith, President of Microsoft.

He added on Wednesday at a forum at the Ronald Foundation and the Reagan Presidential Institute in Washington.

But many attacks were thwarted, or there was enough redundancy built into Ukrainian networks that the effort did little harm. The result, Smith said, is that the attacks went unreported.

In many cases, Mr. Smith said, Russia has coordinated its use of cyber weapons with conventional attacks, including destroying a nuclear power plant’s computer network before moving its forces in to seize it. Microsoft officials declined to specify which plant Mr. Smith was referring to.

See also  Biden has no immediate plans at the moment to travel to Saudi Arabia

While a lot of Russian cyber activity is focused on Ukraine, Microsoft discovered 128 network hacks in 42 countries. Microsoft concluded that of the 29 percent of Russian attacks that successfully compromised a network, only a quarter resulted in data theft.

Outside of Ukraine, Russia has focused its attacks on the United States, Poland, and two ambitious NATO members, Sweden and Finland. Other members of the coalition were also targeted, especially since they began to supply Ukraine with more weapons. However, those breaches have been limited to surveillance – suggesting that Moscow is trying to avoid engaging NATO countries directly in the fight through cyberattacks, as much as it refrains from launching physical attacks on those countries.

But Microsoft, other technology companies and government officials said Russia has linked the hacking attempts to broad efforts to spread propaganda around the world.

Microsoft tracked the growth of Russian advertising consumption in the US in the first weeks of the year. It peaked at 82 percent before the invasion of Ukraine on February 24, with 60 million to 80 million page views per month. Microsoft said that this number rivals page views of the largest traditional media sites in the United States.

One example Mr. Smith cited is that Russian propaganda inside Russia is pushing its citizens to get vaccinated, while its English-language message is spreading anti-vaccine content.

Microsoft has also followed a rise in Russian propaganda in Canada in the weeks before a trucker’s convoy protesting vaccine mandates attempted to shut down Ottawa, and in New Zealand ahead of protests there against public health measures aimed at combating the pandemic.

See also  Poland is ready to provide combat aircraft

“It is not even a case of consumption following the news; it is not even a case of post-news amplification efforts,” said Mr. Smith. “But I think it is fair to say that it is not only a case of this amplification that precedes the news, but it is very likely trying to create news Same day and influence on it.”

Senator Angus King, an independent from Maine and a member of the Senate Intelligence Committee, noted that while private companies can track Russian efforts to spread disinformation within the United States, U.S. intelligence agencies are constrained by laws that prevent them from peering into U.S. networks.

“There is a gap, and I think the Russians realize that, and it has enabled them to take advantage of an opportunity in our system,” said Mr. King, who also spoke at the Reagan Institute.

A provision in this year’s defense policy bill being considered by Congress would require the National Security Agency and its military cousin, U.S. Cyber ​​Command, to report to Congress every two years on election security, including efforts by Russia and other foreign powers to influence Americans. .

“Ultimately, the best defense is for our employees to be better consumers of information,” King said. “We have to do a better job of educating people to be better consumers of information. I call it digital literacy. And we have to teach children in fourth and fifth grades how to distinguish between a fake website and a real website.”

Leave a Reply

Your email address will not be published. Required fields are marked *