According to the study, many Russian cyber attacks failed in the first months of the Ukraine war


WASHINGTON – A new investigation into how Russia used its cyber capabilities in Ukraine in the early months of the war contains a number of surprises: Moscow conducted more cyberattacks than was then thought to support its invasion, but more than two-thirds of them failed , reflecting his poor performance on the physical battlefield.

But the study released by Microsoft on Wednesdayimplied that the administration of President Vladimir V. Putin has had more success than many expected with its disinformation campaign to establish a pro-Russian war narrative, including allegations that the United States is secretly manufacturing biological weapons in Ukraine.

The report is the latest attempt by many groups, including American intelligence agencies, to understand the interaction of a brutal physical war with a parallel — and often coordinated — struggle in cyberspace. It pointed out that Ukraine is well prepared to face cyber attacks after enduring them for many years. This was due, at least in part, to a well-established alert system by private sector companies including Microsoft and Google, and preparations that included moving many of Ukraine’s key systems to the cloud on servers outside Ukraine.

The report on Russia’s cyber attacks and disinformation campaigns showed that only 29 percent of the attacks breached the target networks – in Ukraine, the United States, Poland and the Baltic States. But it points to a more successful attempt to dominate the information war in which Russia has accused Washington and Kyiv of starting the conflict now raging in eastern and southern Ukraine.

The war is the first full-scale battle in which traditional and cyber weapons have been used side by side, and the race is on to explore the never-before-seen dynamic between the two. So far, very little of this dynamic has unfolded as expected.

At first, analysts and government officials were surprised that there were no devastating Russian attacks on Ukraine’s power grid and communications systems. In April, President Biden’s national cyber director Chris Inglis said “the question of the moment” is why Russia has not “at least played a very significant cyber game against NATO and the United States.” He speculated that the Russians thought they were headed for a quick victory in February but were “distracted” when the war effort encountered obstacles.

The Microsoft report states that Russia attempted a major cyberattack on February 23, the day before the physical invasion. This malware attack, called FoxBlade, was an attempt to use “wiper” software to wipe data on government networks. Around the same time, Russia attacked the Viasat satellite communications network in hopes of crippling the Ukrainian military.

“We were, I believe, among the first to witness the first shots fired on February 23,” said Brad Smith, Microsoft president.

“It was an impressive, intense, even cruel series of attacks, attacks that started with some form of wiper software, attacks that are really coordinated by different parts of the Russian government,” he added at a forum in the Ronald on Wednesday Reagan Presidential Foundation and Institute in Washington.

But many of the attacks were thwarted, or enough redundancy was built into Ukraine’s networks that the effort did little harm. The result, said Mr. Smith, is that the attacks have been underreported.

In many cases, Russia coordinated its use of cyberweapons with conventional attacks, including shutting down a nuclear power plant’s computer network, before deploying its troops to take it over, Mr Smith said. Microsoft officials declined to identify which work Mr. Smith was referring to.

While much of Russia’s cyber activity has been focused on Ukraine, Microsoft has detected 128 network attacks in 42 countries. Of the 29 percent of Russian attacks that successfully penetrated a network, Microsoft concluded that only a quarter of them resulted in the theft of data.

Outside Ukraine, Russia has focused its attacks on the United States, Poland and two up-and-coming NATO members, Sweden and Finland. Other Allies were also targeted as they began supplying more arms to Ukraine. However, these violations were limited to surveillance – suggesting that Moscow is trying to avoid engaging NATO countries directly in the fight through cyberattacks, just as it refrains from physical attacks on those countries.

But Microsoft, other tech companies, and government officials have said Russia has paired these infiltration attempts with a broad effort to spread propaganda around the world.

Microsoft tracked the increase in consumption of Russian propaganda in the United States for the first few weeks of the year. Just before the invasion of Ukraine on February 24, it peaked at 82 percent with 60 to 80 million page views per month. That number, Microsoft said, rivaled page views on the largest traditional media sites in the United States.

An example Mr. Smith gave was Russian propaganda in Russia urging its citizens to get vaccinated, while his English-language news broadcasts anti-vaccination content.

Microsoft also tracked the surge in Russian propaganda in Canada in the weeks before a trucker convoy protesting vaccination mandates attempted to shut down Ottawa, and in New Zealand before protests there over public health measures to combat the pandemic took place.

“It’s not about consuming after the news; it’s not even a post-news reinforcement effort,” said Mr. Smith. “But I think it’s fair to say that it’s not just about this amplification that precedes the news, but potentially trying to influence and influence the making of the day’s news itself.”

Senator Angus King, an Independent of Maine and a member of the Senate Intelligence Committee, noted that private companies can track Russian efforts to spread disinformation in the United States, but American intelligence agencies are constrained by laws preventing them from penetrating American networks .

“There’s a loophole, and I think the Russians are aware of that, and it allowed them to exploit a loophole in our system,” said Mr. King, who also spoke at the Reagan Institute.

A provision in this year’s defense bill, under consideration by Congress, would require the National Security Agency and its military cousin, the United States Cyber ​​Command, to report biennially to Congress on election security, including efforts by Russia and other foreign powers to influence Americans.

“Ultimately, the best defense is that our own people are better consumers of information,” Mr. King said. “We need to educate people better to be better consumers of information. I call it digital literacy. And we need to teach fourth and fifth graders how to tell a fake website from a real website.”

Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.