Hackers Compete Their Skills At Seccon Cyber Security Contest
A report from Microsoft compared the Russian hack that preceded its war on Ukraine to the assassination of Archduke Franz Ferdinand, an event that led to the outbreak of World War I.
According to a report by Vice , Microsoft President Brad Smith wrote in the foreword to the report that "the recorded history of every war usually includes an account of the first shots fired and who witnessed them."
Events escalated towards the outbreak of World War I in 1914, when armed men in full view of a street in Sarajevo used grenades and a pistol to assassinate the Archduke of the Austro-Hungarian Empire. "The war in Ukraine follows this pattern," Smith said, but the "first shots" in that war were fired hours before Russian tanks crossed the Ukrainian border, in the form of an electronic weapon called a Foxblade deployed against Ukrainian computers.
Microsoft is one of the world's leading cybersecurity companies and regularly publishes reports about malicious online activities from criminals and governments.
Just a few months later, the Russian war on Ukraine caused atrocities not seen in Europe in decades. According to the Office of the United Nations High Commissioner for Human Rights, more than 4,662 Ukrainian civilians have been killed in Russian attacks since February 24.
This crisis is primarily the result of a traditional “hot war,” which means Russia deploys troops, tanks, bombs, etc., but - as Microsoft's report details in detail - this war is also supported by large, coordinated cyber campaigns.
Cyber threat from Russia. Russian hacker at the computer, on a background of binary code, the colors of the flag of Russia. DDoS attack
Russia's electronic weapons
The "Foxblade" program, which Smith referred to, is a Russian-made "squeegee" program designed to infiltrate the Ukrainian government's systems and erase its data.
A few hours before the start of the war against Ukraine, Microsoft's Threat Information Center discovered the launch of the Russian program against 19 government agencies and critical infrastructure institutions, according to the report.
The report also details other Russian-made malware, such as WhisperGate and DoubleZero, most of which the Microsoft team found themselves.
The report stated that "Fox Blade" was set up by a Russian group called "Iridim", also known as "Sandorm".
Smith said the key to Ukraine's success in defending against these attacks was that Ukraine was able to distribute its data via cloud storage on servers spread across a number of countries.
Outside Ukraine, the report found that 128 organizations in 42 other countries were targeted. The report stated that Russia's priority was, of course, the United States.
Poland was also at the top of the list because it was a center for "the logistical delivery of military and humanitarian aid", and many Baltic and Scandinavian countries were also included.
Of the malware campaigns that Microsoft detected, 29% were successful, the report states, and a quarter of those campaigns resulted in "successful enterprise data mining". He explains that that percentage is likely to be an underestimate, because many of the victims were working on local servers, not cloud-based.
Russia has also run some social media-based advertising campaigns, with varying degrees of success, according to a Microsoft report, which notes that those campaigns focus on four different messages targeting Russians, Ukrainians, Americans, and "non-aligned" residents.
The report said that propaganda directed at Ukrainians, for example, was aimed at "undermining confidence in the country's readiness and ability to resist Russian attacks." While the propaganda directed at the United States in order to "undermine Western unity."