Microsoft warns about Russian cyberattacks all winter

Microsoft warned that Russian-sponsored cyberattacks will continue to strike Ukraine’s infrastructure, as well as NATO allies throughout Europe, during the winter.

Redmond stated in a weekend report that the Russian military intelligence threat group Sandworm had been targeting infrastructure in Ukraine in conjunction with the launch of missiles.

These attacks were accompanied by propaganda campaigns to weaken Western support for Ukraine (from NATO, EU and the U.S.).

Russian propaganda also aimed to weaken European support for Ukraine, sow discord and disrupt the supply of weapons and aid to Ukraine.

The attacks will continue, and they could spread beyond Ukraine’s borders to target other countries or companies that provide vital supplies to the country.

Microsoft states that Europe must be ready for “several Russian attacks in the digital domain during this winter.”

The company said that “we believe these trends suggest the world should prepare for multiple lines of Russian attack in digital domain during the course of the winter.”

Russia will try to use cracks in Ukrainian popular support to weaken coalitions that are essential for Ukraine’s resilience. This is to hinder the flow of humanitarian and military assistance to the region.

We should be ready for cyber-enabled cyberthreat operations to target Europe.

Sandworm, a Russian elite hacker group, has been around for over two decades. It has previously been linked to malign campaigns that led to the Ukrainian blackouts in 2015 and 2016 [1, 2, 3], the KillDisk wiper attack on Ukrainian banks and NotPetya ransomware.

Russian threat actors attack Ukraine and NATO allies

This comes after Microsoft warned that Russian intelligence agencies, including the GRU and SVR, were increasing cyberattacks on governments of countries that have helped Ukraine during the invasion. They are now attempting to hack entities in dozens more countries around the world.

Most of the attacks targeted governments in countries that play crucial roles in NATO’s and the West’s responses to Russia’s aggression.

The Sandworm Russian military hackers have been linked with recent ransomware attacks on Ukraine that were launched in November.

ESET, a Slovakian software company that first detected the attack wave, stated at the time that RansomBoggs ransomware had been discovered on multiple networks belonging to Ukrainian organisations.

Microsoft claimed that Sandworm is also responsible for an attack aimed at the supply chain, which hit transport and logistics companies in Ukraine. This attack began in October.

In March, the Google Threat Analysis Group (TAG) observed phishing attacks against NATO military units and European military personnel that were coordinated by the COLDRIVER Russian threat group.

A Google TAG report from March provides additional details, revealing attempts by Russian, Chinese and Belarusian state hackers to compromise Ukrainian organisations, officials and governments.