The war between russia and ukraine is leaving some cybersecurity lessons four months after its start, which highlight the sophisticated and wide-ranging influence that Russian operations have both to reinforce their efforts and to undermine the unity of the West.
A cyber attack against Ukraine’s digital infrastructure on February 23 he anticipated the ground invasion that would take place a day later. The witnesses of this first offensive of a war that has lasted for four months were in Redmond (United States).
Microsoft researchers notified the Ukrainian government and offered technical support to prevent the success of the Foxblade malware, as the company’s president, Brad Smith, explained a few days later.
The technology company has analyzed the cyber sphere of this war, from which it ensures that some initial lessons can be drawn. “The world can now begin to assess strengths and weaknesses initial and relative offensive and defensive cyber operations,” he said in a statement.
Specifically, Microsoft has distinguished “at least three different and sometimes coordinated efforts”, which correspond to the destructive cyberattacks carried out inside Ukraine, the access and espionage of the networks of this country and what it calls “cyber influence operations” that have been addressed to everyone.
Ukraine’s data centers and servers became one of the first targets of Russian missiles. Microsoft highlights that what saved the Ukrainian government from losing its digital infrastructure was its move to the cloud, “where it has been hosted in data centers across Europe”.
On the other hand, Ukraine has managed to resist Russian cyberattacks that sought to access the networks of agencies and companies in the country mainly by advances in threat intelligence y endpoint protection (‘endpoint’) connected to the Internet.
In any case, from Microsoft they warn that Russian cyberattacks are currently more sophisticated and more widespread than many reports acknowledge”, and that those responsible are adapting it to “the changing needs of war, even combining cyber attacks with the use of conventional weapons”.
Likewise, it has been detected that Russia has intensified its attacks against the governments of Ukraine’s allied countries. Specifically, the technology company has detected attempts to intrude on the Russian network in 128 organizations in 42 countries outside the invaded country.
“Since the beginning of the war, the Russian targets that we have identified have been successful. 29 percent of the time. A quarter of these successful intrusions have led to the confirmed breach of an organization’s data.”
For Microsoft, “the lessons from Ukraine require a coordinated and comprehensive strategy to strengthen defenses against the full range of operations of cyber destruction, espionage and influence”. They are also “a call to action to take effective measures that will be vital for the protection of the future of democracy”, he concludes.