Microsoft Warns of Russian Cyberattacks Throughout Winter

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

Microsoft warned last week of Russian-sponsored cyberattacks continuing to target Ukrainian infrastructure and NATO allies in Europe during the upcoming winter.

In a report published over the weekend, the tech giant said that it observed a pattern of targeted attacks on infrastructure in Ukraine by the Russian military intelligence threat group Sandworm, in association with missile strikes.

Along with these attacks, Sandworm initiated a propaganda campaign to undermine Western support for Ukraine.

This propaganda also looked to undermine European support for Ukraine and sow discord in order to disrupt the supply of aid and weaponry to Ukraine.

These attacks are expected to continue into the near future and could even extend beyond Ukraine’s borders to target countries and companies providing the country with key supplies.

Microsoft said in a statement last week that Europe should be prepared for “several lines of potential Russian attack in the digital domain over the course of this winter.”

“We believe these recent trends suggest that the world should be prepared for several lines of potential Russian attack in the digital domain over the course of this winter,” the company added. “Russia will seek to exploit cracks in popular support for Ukraine to undermine coalitions essential to Ukraine’s resilience, hoping to impair the humanitarian and military aid flowing to the region.”

“We should also be prepared for cyber-enabled influence operations that target Europe to be conducted in parallel with cyberthreat activity,” said Microsoft.

Sandworm is an elite Russian hacking group that’s been active for at least the past two decades. It was previously linked to malicious campaigns leading to the Ukrainian blackouts of 2015 and 2016, the KillDisk wiper attacks targeting Ukrainian banks, and the NotPetya ransomware.

Microsoft’s report comes following the company’s warning in June regarding Russian intelligence agencies increasing cyberattacks against governments of countries that were helping Ukraine after Russia’s invasion, and attempting to breach entities in dozens of countries across the globe.

Most of the attacks mainly focused on acquiring sensitive information from governments of countries playing key roles in NATO’s and the West’s response to Russia’s invasion.

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.