Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your application’s future with our API Penetration Test, designed to identify vulnerabilities and protect your data through real-world attack simulations.

        • Network Penetration Testing
        • Boost your network’s security with our Network Penetration Testing service, where we simulate cyber-attacks to uncover vulnerabilities before they can be exploited by malicious actors.

        • Mobile Penetration Testing
        • Identify and address security vulnerabilities in your mobile app through simulated cyber-attacks, ensuring the safety of user data and seamless functionality.

        • Web Penetration Testing
        • Discover and mitigate security risks in your web application through simulated cyber-attacks, fortifying your online presence against potential threats.

        • RAPID DIGITALISATION

        • OTHERS

Microsoft: Russia Stepped up Cyberattacks Against Ukraine’s Allies

Microsoft: Russia Stepped up Cyberattacks Against Ukraine’s Allies

Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia’s invasion.

Since the start of the war, threat actors linked to several Russian intelligence services (including the GRU, SVR, and FSB) have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center (MSTIC) analysts.

“MSTIC has detected Russian network intrusion efforts on 128 targets in 42 countries outside Ukraine,” said Microsoft’s President and Vice-Chair Brad Smith.

Also Read: Free PDPA Singapore Checklist 2020

“These represent a range of strategic espionage targets likely to be involved in direct or indirect support of Ukraine’s defense, 49 percent of which have been government agencies.”

The vast majority of these attacks are, as expected, primarily focused on obtaining sensitive information from government agencies in countries currently playing crucial roles in NATO’s and the West’s response to Russia’s war.

 Countries outside Ukraine targeted by Russian cyber espionage attacks
 Ukraine allies targeted by Russian cyber-espionage attacks (Microsoft)

Non-governmental organizations (NGOs) were also targeted in another 12 percent of attacks, likely because of their involvement in supporting Ukrainian refugees and civilians as humanitarian groups or their role as think tanks focused on foreign policy.

The rest of the attacks mainly targeted organizations in critical economic or defense industry sectors, as well as energy or IT companies.

“While these targets are spread around the globe, 63 percent of this observed activity has involved NATO members,” Smith added (full report as PDF).

“Based on MSTIC’s observations, Russian cyber espionage efforts have focused on targets in the United States more than any other country, with American targets representing 12 percent of the global total outside Ukraine.”

Microsoft further revealed that, since Russia invaded Ukraine, Russian-backed threat actors have succeeded in 29% of their attacks. In a quarter of these intrusions, they were also able to exfiltrate stolen data.

Also Read: The FREE Guide To The 9 Obligations Of PDPA

Russian intrusion targets
Russian intrusion targets (Microsoft)

Ukraine hit by hundreds of cyberattacks since the war started

In April, Microsoft published another report focused on Russian cyberattacks targeting Ukraine since the invasion.

As the company revealed at the time, Russian-backed state hackers were behind hundreds of attempts to target the country’s infrastructure and citizens.

Their attacks also delivered destructive malware designed to take down critical systems and disrupt civilians’ access to reliable information and critical life services.

Among the observer destructive attacks (more than 30 between February 23 and April 8) against dozens of Ukrainian organizations, 32% directly targeted government agencies, while over 40% aimed to breach critical infrastructure.

Microsoft has also noticed direct links between military operations and cyberattacks, with the timing of hacking attempts closely matching that of Russian sieges and missile strikes.

Military strikes - cyberattack correlation
Military strikes – cyberattack correlation (Microsoft)

In late March, the Google Threat Analysis Group (TAG) observed phishing attacks coordinated by the COLDRIVER Russian-based threat group against NATO and European military entities.

Another Google TAG report from early March with even more details on malicious activity linked to the Russian war in Ukraine also exposed Russian, Chinese, and Belarus state hackers’ efforts to compromise Ukrainian and European orgs and officials.

“The Russian invasion relies in part on a cyber strategy that includes at least three distinct and sometimes coordinated efforts—destructive cyberattacks within Ukraine, network penetration and espionage outside Ukraine, and cyber influence operations targeting people around the world,” Smith added.

“This war pits Russia, a major cyber-power, not just against an alliance of countries. The cyber defense of Ukraine relies critically on a coalition of countries, companies, and NGOs.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us