According to Microsoft, the use of Russian cyber weapons in Russia’s war against Ukraine marks a new era of international conflicts. For the first time, according to Microsoft’s “Digital Defense Report 2022”, accompanying cyber weapons are being used on a large scale in an armed conflict, which are intended to increase the effectiveness of the attacks. Russia is waging a hybrid war of aggression against Ukraine. According to Microsoft, hackers commissioned by Russia launched a series of attacks on the systems of Ukrainian companies and government agencies on the eve of the war. They would have aimed to weaken Ukraine’s communications and defense capabilities. Microsoft’s analysts counted 237 cyberattacks carried out by six different hacker groups linked to Russian intelligence agencies. One of the first missiles of the Ukraine war was also fired at a data center in the country.
Like the Russian army’s attack on Kyiv, the Russian cyber attack was largely repelled. According to Microsoft, the solution was a kind of retreat for the attacked Ukrainian IT: It relocated important functions to cloud services from international providers that could not be hit by Russian attacks or were much more difficult to hit. Another aspect of Russian cyber warfare, which experts now call cyber influence operations, i.e. covert propaganda, is much more difficult to counter.
Since the beginning of the year, Microsoft has been using the so-called Russian Propaganda Index to monitor how much traffic ends up on sites where Russian fake news is placed. At the start of the Ukraine war, Ukrainians saw three times as much Russian propaganda as usualin the USA the proportion rose by a good 90 percent.
If you want to know how cybersecurity is doing in the western world, Microsoft’s annual cybersecurity report is a good source. The reason for the company’s expertise is primarily the widespread use of its Windows operating system and the products supplied with it. These provide real-time data to the Microsoft security team. And that’s a lot: According to Microsoft, the company receives 43 trillion signals every day, which are then sorted, viewed and weighted by algorithms and around 8,500 experts.
Division of labor in the cyber underworld
Other companies may have better hacker hunters or better cybersecurity products. Microsoft has an overview of the trends and broad lines in government cyber attacks and crime on the Internet. Once a year, the company lets you take a deep look at the cards. The topic is not only increasingly aggressive attacks by state hackers from Russia, Iran and China, but also the latest developments in cybercrime. Accordingly, a trend that has already been observed in recent years is continuing. While some companies are protecting their networks more and more effectively in the face of the ransomware plague, the criminal scene is also becoming more professional and operates more and more in a collaborative manner.
There are criminal service providers who specialize in gaining access to company networks, specialists who program ransomware and keep it up to date, and experts who take over communication with companies when their files have been encrypted.
According to Microsoft, the professionalization of criminal networks means that there are more and more attacks that also have serious consequences outside the digital world. Such as a cyber attack on the government of Costa Rica, after which hospitals had to close and taxes could not be collected, on the Greek Post Office, which could no longer deliver letters, or an attack on India’s largest airline, which led to large-scale flight cancellations.