WASHINGTON – A new look at how Russia used its cyber capabilities in the first months of Ukraine’s war has many surprises: Moscow has carried out more cyber attacks than ever before to bolster its offensive, but More than two-thirds failed. Echoes of his poor performance on the physical battlefield.
However, a study released by Microsoft on Wednesday suggests that President Vladimir V. Putin’s government, through its misinformation campaign, is succeeding beyond the expectations of many in favor of Russia. A war statement could be made, including that the United States was secretly developing biological weapons inside Ukraine.
This report is the latest attempt by many groups, including US intelligence agencies, to understand the interaction of brutal physical warfare with the parallel – and often coordinated – struggle in cyberspace. This He noted that Ukraine was fully prepared to stop cyber-attacks, after years of enduring them. This was due, at least in part, to a well-established system of alerts from private sector companies, including Microsoft and Google, and in preparation for deploying Ukraine’s most important systems to the cloud on servers outside Ukraine. Moving included.
Accounts from Russia’s cyber-attacks and disinformation campaigns show that only 29% of the attacks violated targeted networks – in Ukraine, the United States, Poland and the Baltic states. But it points to a successful ongoing effort to win the information war, with Russia blaming Washington and Kyiv for starting the conflict that is now raging in eastern and southern Ukraine.
The war is the first full-fledged war in which conventional and cyber weapons have been used side by side, and the race is on between the two to find an unprecedented dynamic. So far, very little of this dynamic has evolved as expected.
Initially, analysts and government officials were shocked by the failure of Russian attacks on Ukraine’s power grid and communications system. In April, Chris Ingles, President Biden’s national cyber director, said the “question of the moment” was why Russia had not “at least played a significant cyber game against NATO and the United States.” He speculated that the Russians thought they were heading for a quick victory in February, but were “extinguished” when the war effort was hampered.
Microsoft reports that Russia attempted a major cyber attack on February 23, a day before the physical attack. The attack was an attempt to use “Viper” software, using malware called FoxBlade, to erase data on government networks. At about the same time, Russia attacked the Vyasat satellite communications network in the hope of crippling the Ukrainian army.
“We “I think he was one of the first people to see the first shots fired on February 23,” said Brad Smith, president of Microsoft.
He added at a Ronald Reuters forum on Wednesday that “there has been a massive, intense, even violent attack, an attack that started with a kind of wiper software, an attack that really affected different parts of the Russian government.” Connecting to. ” Reagan Presidential Foundation and Institute in Washington.
But many of the attacks were thwarted, or there was so much redundancy in Ukraine’s networks that the efforts suffered little. Mr Smith said the result was that the attacks had not been reported.
Mr Smith said that in many cases, Russia had linked its use of cyber-weapons to conventional attacks, including moving its troops to capture the nuclear power plant’s computer network before removing it. Is. Microsoft officials declined to identify the plant Mr Smith was referring to.
Although most of Russia’s cyber activity is focused on Ukraine, Microsoft has detected 128 network intrusions in 42 countries. Microsoft concluded that of the 29% of Russian attacks that successfully entered the network, only a quarter of the data was stolen.
Outside of Ukraine, Russia has focused its attacks on the United States, Poland and two aspiring NATO members, Sweden and Finland. Other members of the coalition were also targeted, especially as they began supplying more weapons to Ukraine. These violations, however, have been limited to surveillance – indicating that Moscow is trying to avoid bringing NATO countries into direct combat through cyber attacks, as it has avoided physical attacks on those countries. doing.
But Microsoft, other technology companies and government officials have said Russia has linked the incursions to a wide-ranging propaganda campaign around the world.
In the first weeks of the year, Microsoft noticed an increase in the consumption of Russian propaganda in the United States. It rose to 82% before the February 24 invasion of Ukraine, with 60 million to 80 million monthly pageviews. Microsoft said the data matched page views on the largest traditional media sites in the United States.
Mr Smith cited the example of Russian propaganda inside Russia forcing its citizens to be vaccinated, while his English-language message spread anti-vaccine material.
Microsoft also detected an increase in Russian propaganda in Canada before a convoy of truck drivers tried to block Ottawa, and to fight the epidemic before protests against public health measures in New Zealand.
“It’s not a matter of consumption after the news. It’s not a matter of trying to expand after the news,” Mr Smith said. “But I think it’s fair to say that this is not just a matter of pre-news expansion, but of possibly trying to create and influence today’s news creation.”
Senator Angus King, a member of the Senate Intelligence Committee and independent of Maine, noted that although private companies can detect Russian attempts to spread false information inside the United States, US intelligence agencies are limited by the laws that apply to them. Prevent peeping inside works.
“There is a gap, and I think the Russians are aware of it, and it enabled them to take advantage of the openness in our system,” said Mr. King, who also spoke at the Reagan Institute.
Congress is considering a clause in this year’s Defense Policy Bill that would require the National Security Agency and its military cousin, the United States Cyber Command, to report to Congress every two years on election security. Will require, including attempts by Russia and other foreign powers to influence Americans. .
“Ultimately, the best defense is to be a better user of information for our own people,” Mr King said. “We have to do a better job of educating people to be better users of information. I call it digital literacy. And we have to teach kids in fourth and fifth grade how to differentiate a fake website from a real website. To do. “