Microsoft has released a new report detailing a series of cyberattacks launched by Russia against critical infrastructure operators in Ukraine.
Although the company did not explicitly link the cyberattacks to the war in Ukraine, it said the military and cyberattackers “share the same goal”, Reuters reports. In many cases, it seems, cyberattacks “laid the groundwork” for military operations.
While cyber warfare began a year before the military invasion, the volume of attacks has increased over the past three months.
Since Feb. 23, a total of 37 Russian cyberattacks against key Ukrainian targets have been observed, Microsoft said.
“Russian generals and spies tried to make cyberattacks part of their war effort as they struggled on the battlefield,” Thomas Rid, a professor of strategic studies at Johns Hopkins University, told Reuters.
In one example, Russian hackers attacked media companies in Ukraine the same day missiles hit the kyiv TV tower. And in another case, “suspected Russian actors” were spotted hiding in Ukrainian critical infrastructure endpoints in Sumy, two weeks before the power cut in the region.
Victor Zhora, a senior Ukrainian cybersecurity official, said he expects more Russian attacks on critical infrastructure.
“I think they can organize more attacks against these sectors,” Zhora told reporters. “We shouldn’t underestimate Russian hackers but we probably shouldn’t overestimate their potential.”
Even some commercial threat actors have joined the war effort. Conti, for example, a known ransomware operator based in Russia, declared his support for the invasion, prompting Ukrainian hackers to leak Conti’s private chats, and even ransomware source code.