Russian hackers plotting another cyber attack against Ukraine - Microsoft
Russia seems to be preparing a new round of cyber attacks against Ukraine and organizations serving Ukraine's supply lines.
That’s according to Microsoft’s research report seen by Reuters, Ukrinform wrote.
The report by the company's cyber security research and analysis team outlines a series of new discoveries and outlooks about Russian cyber operations throughout the war.
“Since January 2023, Microsoft has observed Russian cyber threat activity adjusting to boost destructive and intelligence gathering capacity on Ukraine and its partners’ civilian and military assets,” reads the report.
According to experts, one group “appears to be preparing for a renewed destructive campaign.”
Experts say the tactic of combining physical military operations with cyber techniques mirrors prior Russian activity.
Microsoft found that the so-called “Sandworm,” a particularly sophisticated Russian hacking team, was testing “additional ransomware-style capabilities that could be used in destructive attacks on organizations outside Ukraine that serve key functions in Ukraine’s supply lines.”
A ransomware attack typically involves hackers penetrating an organization, encrypting their data and extorting them for payment to regain access. Historically, ransomware has also been used as cover for more malicious cyber activity, including so-called wipers that simply destroy data.
Since January 2022, Microsoft said it had discovered at least nine different wipers and two types of ransomware variants used against more than 100 Ukrainian organizations.
Also, more stealthy Russian cyber operations are intensifying, designed to directly compromise organizations in countries allied to Ukraine.
"In nations throughout the Americas and Europe, especially Ukraine’s neighbors, Russian threat actors have sought access to government and commercial organizations involved in efforts to support Ukraine," said Clint Watts, general manager for Microsoft's Digital Threat Analysis Center.
As reported, law enforcers in Germany and Ukraine, with the support of Europol, the FBI, and the Netherlands authorities, conducted a series of raids in the case of an international hacker group that had been active for several years. Russian nationals are among the suspects.