Many Russian Cyberattacks Failed in First Months of Ukraine War, Study Says

WASHINGTON – A new test of how Russia used its cyber capabilities in the first months of the war in Ukraine has come as a surprise: Moscow launched more cyber-attacks than was realized at the time, but more than two-thirds of them failed. , Echoes his poor performance on the physical battlefield.

However, a study published by Microsoft on Wednesday suggested that President Vladimir V. Putin’s government is succeeding more than expected with its false information campaign to establish a pro-Russia war story, in which the United States was secretly producing biological weapons inside Ukraine.

The report is the latest attempt by many groups, including American intelligence agencies, to understand the interaction of brutal physical warfare with the parallel – and often integrated – conflict in cyberspace. It shows that Ukraine is well prepared to stop it after enduring cyber attacks for many years. This was at least partly due to a well-established system of alerts from private-sector companies, including Microsoft and Google, and preparations to move Ukraine’s most important systems to the cloud on servers outside Ukraine.

Russia’s cyber-attacks and disinformation campaigns show that in Ukraine, the United States, Poland and the Baltic states – only 29 percent of attacks violate the targeted network. But that information points to more successful attempts to dominate the war, with Russia blaming Washington and Kiev for initiating the conflict that has begun in the east and south of Ukraine.

War is the first full-scale war in which conventional and cyber weapons have been used simultaneously, and the race to find never-before-seen dynamics continues between the two. So far, it has evolved from dynamic to very low expectations.

Initially, analysts and government officials were struck by the absence of crippled Russian attacks on Ukraine’s power grid and communication systems. In April, Chris Inglis, President Biden’s national cyber director, said the “question of the moment” was why Russia did not “play a very significant cyber game, at least against NATO and the United States.” He speculated that the Russians thought they were heading for a quick victory in February but were “distracted” when obstacles to the war effort came.

Microsoft reports that Russia attempted a major cyber attack in February. 23, the day before the physical attack. The attack was an attempt to use “Viper” software, which wiped out data on government networks, using malware called Foxblade. Around the same time, Russia attacked the Viasat satellite communications network, hoping to cripple the Ukrainian military.

“We I think they were the first to witness the first shot fired on February 23, “said Brad Smith, president of Microsoft.

“It’s a massive, intensive, but vicious group of attacks, attacks that started with a form of Viper software, attacks that are actually being coordinated from different parts of the Russian government,” he added at a forum at Ronald on Wednesday. Reagan Presidential Foundation and Institute in Washington.

But many of the attacks were thwarted, or enough futility was created in the Ukrainian networks that the efforts suffered little damage. The result, Mr. The attack has been less reported, Smith said.

In many cases, Russia coordinated the use of its cyber weapons with conventional attacks, including taking down the computer network of a nuclear power plant before moving its troops to capture it, Mr. Said Smith. Microsoft officials declined to identify which plant Mr. Smith was mentioned.

While most of Russia’s cyber activity is focused on Ukraine, Microsoft has detected 128 network infiltrations in 42 countries. Of the 29 percent of Russian attacks that have successfully entered the network, Microsoft has concluded that only a quarter of that data was stolen.

Outside of Ukraine, Russia has focused its attacks on the United States, Poland and two aspiring members of NATO, Sweden and Finland. Other coalition members were also targeted, especially as they began supplying more weapons to Ukraine. Those violations, however, are limited to surveillance – which shows that Moscow is trying to avoid bringing NATO nations into direct combat through cyber attacks, as it avoids physical attacks on those countries.

But Microsoft, other technology companies and government officials have said Russia has linked the infiltration efforts to widespread efforts to spread the word around the world.

Microsoft tracked growth in the use of Russian propaganda in the United States in the first week of the year. It had peaked at 82 per cent before February. 24 invasions of Ukraine, with 60 million to 80 million monthly pageviews. That figure, Microsoft said, rivals Page View on the largest traditional media sites in the United States.

One example, Smith cited, is that Russian propaganda inside Russia forces its citizens to be vaccinated, while its English-language messages spread anti-vaccine content.

Microsoft also tracked the rise of Russian propaganda in Canada in the weeks before the trucker convoy tried to shut down Ottawa in protest of the vaccine order, and before it protested against public health measures to combat the epidemic in New Zealand.

“It’s not a matter of consumption following the news; There is no case of amplification attempt following that news, ”said Shri. Said Smith. “But I think it’s fair to say that it’s not just a case of this amplification before the news, but probably trying to create and influence the composition of the news of the day.”

Senator Angus King, an independent from Maine and a member of the Senate Intelligence Committee, noted that while private companies can track Russian attempts to spread false information within the United States, American intelligence agencies are limited by law that prevents them from being seen inside the American network.

“There is a gap, and I think the Russians are aware of it, and that enables them to use openings in our system,” he said. King, who also spoke at the Reagan Institute.

The National Security Agency and its military cousin, the United States Cyber ​​Command, will be required to report to Congress every two years on election security for the provisions being considered by Congress in this year’s Defense Policy Bill, including efforts by Russia and other foreign powers. Is. Impress Americans.

“Ultimately, the best defense is for our own people to become better consumers of information,” Mr. Said the king. “We have to do a better job of educating people to become better consumers of information. I call it digital literacy. And we have to teach fourth and fifth graders how to distinguish a fake website from a real one. ”

Similar Posts

Leave a Reply

Your email address will not be published.