Many Russian Cyberattacks Failed in First Months of Ukraine War, Study Says

WASHINGTON – A new test of how Russia used its cyber capabilities in the first months of the war in Ukraine raises several surprises: Moscow launched more cyber-attacks than was realized at the time, but more than two-thirds of them failed. , Echoes his poor performance on the physical battlefield.

However, a study published by Microsoft on Wednesday suggested that President Vladimir V. Putin’s government has been more successful than expected with its misinformation campaign to establish a war narrative favorable to Russia, in which the United States was secretly producing biological weapons inside Ukraine.

The report is the latest attempt by many groups, including American intelligence agencies, to understand the interaction of brutal physical warfare with the parallel – and often integrated – conflict in cyberspace. It shows that Ukraine is well prepared to stop it after enduring cyber attacks for many years. This was at least partly due to a well-established system of alerts from private-sector companies, including Microsoft and Google, and preparations to move Ukraine’s most important systems to the cloud on servers outside Ukraine.

Russia’s cyber-attacks and disinformation campaigns show that in Ukraine, the United States, Poland and the Baltic states – only 29 percent of attacks violate the targeted network. But that information points to a more successful ongoing effort to dominate the war, with Russia blaming Washington and Kiev for initiating the ongoing conflict in the east and south of Ukraine.

War is the first full-scale war in which conventional and cyber weapons have been used simultaneously, and there is an ongoing competition between the two to find never-before-seen dynamics. So far, it has evolved from dynamic to very low expectations.

Initially, analysts and government officials were struck by the absence of crippled Russian attacks on Ukraine’s power grid and communications systems. In April, Chris Inglis, President Biden’s national cyber director, said the “question of the moment” was why Russia did not “play a very significant cyber game, at least against NATO and the United States.” He speculated that the Russians thought they were heading for a quick victory in February but were “distracted” when obstacles to the war effort came.

A report by Microsoft states that Russia attempted a major cyber attack on February 23, the day before the physical invasion. The attack was an attempt to use “Viper” software that wiped out data on government networks, using malware called Foxblade. Around the same time, Russia attacked the Vyasat satellite communications network, hoping to cripple the Ukrainian military.

“We I think he was one of the first to witness the first shot fired on February 23, “said Brad Smith, president of Microsoft.

“It’s a huge, intense, but vicious set of attacks, attacks that started with a form of Viper software, attacks that are actually being coordinated from different parts of the Russian government,” he added at a forum at Ronald on Wednesday. Reagan Presidential Foundation and Institute in Washington.

But many attacks were thwarted, or enough futility was created in Ukrainian networks that the effort suffered little damage. As a result, there have been fewer reports of attacks, Mr Smith said.

In many cases, Russia coordinated the use of its cyber weapons with conventional attacks, including dismantling the computer network of a nuclear power plant before its troops could advance to capture it, Mr Smith said. Microsoft officials declined to identify what plans Mr. Smith was referring to.

While much of Russia’s cyber activity is concentrated in Ukraine, Microsoft has detected 128 network intrusions in 42 countries. Of the 29 percent of Russian attacks that have successfully entered the network, Microsoft has concluded that only a quarter of the data was stolen.

Outside of Ukraine, Russia has focused its attacks on the United States, Poland and two aspiring members of NATO, Sweden and Finland. Other coalition members were also targeted, especially as they began supplying more weapons to Ukraine. Those violations, however, are limited to surveillance – which shows that Moscow is trying to avoid bringing NATO nations into direct combat through cyber attacks, as it avoids physical attacks on those countries.

But Microsoft, other technology companies and government officials have said Russia has linked the infiltration efforts to widespread efforts to spread the word around the world.

Microsoft tracked growth in the use of Russian propaganda in the United States in the first week of the year. It peaked at 82 percent before the February 24 invasion of Ukraine, with 60 million to 80 million monthly page views. That figure, Microsoft said, rivals page views on the largest traditional media sites in the United States.

One example Mr Smith cited was that Russian propaganda inside Russia was forcing its citizens to be vaccinated, while its English-language messages spread anti-vaccine material.

Microsoft also tracked the increase in Russian publicity in Canada in the weeks before the trucker convoy tried to shut down Ottawa in protest of the vaccine order, and before it protested against public health measures to combat the epidemic in New Zealand.

“It’s not a matter of consumption following the news; That news is not a case of amplification attempt, “said Mr Smith. “But I think it’s fair to say that it’s not just a case of this amplification before the news, but probably trying to create and influence the composition of the news of the day.”

Senator Angus King, an independent from Maine and a member of the Senate Intelligence Committee, noted that while private companies can track Russian attempts to spread false information within the United States, American intelligence agencies are limited by law that prevents them from being seen inside the American network.

“There’s a gap, and I think the Russians are aware of it, and that enables them to exploit the beginnings in our system,” said Mr. King, who also spoke at the Reagan Institute.

The National Security Agency and its military cousin, the United States Cyber ​​Command, will be required to report to Congress every two years on election security for the provisions being considered by Congress in this year’s Defense Policy Bill, including efforts by Russia and other foreign powers. Is. Impress Americans.

“Ultimately, the best defense is for our own people to become better consumers of information,” Mr. King said. “We have to do a better job of educating people to become better consumers of information. I call it digital literacy. And we have to teach fourth and fifth graders how to distinguish a fake website from a real one. ”

Leave a Reply

Your email address will not be published. Required fields are marked *