Microsoft: Russia Stepping Up Hacking, Cyber Penetration Efforts on 42 Ukraine Allies

Four months into its war on Ukraine, Russia is carrying out cyber operations on much more than its neighbor, according to a report released by Microsoft Thursday.

In the report, Microsoft said it detected Russian network intrusion efforts in 128 organizations in 42 countries outside Ukraine, with the majority of its “strategic espionage” focused on governments, think tanks, aid groups and businesses. Russia has most often targeted the U.S. and other NATO countries, including Poland, where military logistics and humanitarian assistance is being coordinated.

“Since the start of the war, the Russian targeting we’ve identified has been successful 29 percent of the time,” the Microsoft report said. “A quarter of these successful intrusions has led to confirmed exfiltration of an organization’s data, although as explained in the report, this likely understates the degree of Russian success.”

Brad Smith, president and vice chairman of Microsoft, said in a Thursday conversation with the Washington Post’s David Ignatius that Russia’s successful attacks “tend to be in certain kinds of” on premise networks. Smith said cloud networks, secured by companies “whose core competencies” are in IT security, are safer than on premise networks. Smith said globally, private sector companies have moved to the cloud more quickly than government, a phenomenon especially true in Europe, putting them at increased risk.

Smith also emphasized the importance disinformation is playing in Russia’s war effort, highlighting an 80% increase in Russian propaganda in the month after Russia launched its attack.

“We need to address this new cyber threat as well,” Smith said, adding, “it is directed at the core of our democracy.”