Microsoft is gearing up for a slew of Russian cyberattacks this winter, and warns others to stay vigilant. Between missiles, drones, and cyberattacks, the onslaught against Ukraine has been a brutal one, and is reportedly only set to get worse in the coming months.
"Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyiv’s military and political support," says Microsoft in a recent blog post (via Bleeping Computer). "Recent attacks in Poland suggest that Russian state-sponsored cyberattacks may increasingly be used outside Ukraine in an effort to undermine foreign-based supply chains."
In late October, Russian forces were pushed from formerly occupied territory, retaliating with missile, drone, and cyber strikes that left much of Kyiv in need of simple running water.
The Russian APT group known to Microsoft as IRIDIUM (aka Sandworm) is thought to be working with the Russian intelligence service, the GRU, in coordinated efforts to inflict suffering on the people of Ukraine. The group has been at large for almost a decade. As Microsoft notes, "Following Russia’s annexation of Crimea in 2014, IRIDIUM launched a series of wintertime operations against Ukrainian electricity providers, cutting power to hundreds of thousands of citizens in 2015 and 2016."
Winter, of course, provides a powerful supplementary effect to any attacks on infrastructure that cause power outages. No power, for many, will mean no heat. One would imagine that's why attacks are expected to rise over winter, specifically.
The cyber barrage didn't take long to refocus on targets outside of Ukraine as well, with Microsoft reporting that Sandworm soon deployed its Prestige ransomware on both Polish and Ukrainian logistics and transportation. Microsoft explains this was the "first war-related cyberattack against entities outside of Ukraine since the Viasat KA-SAT attack at the start of the invasion."
It's been ramping up since then, but Microsoft is offering a plan to combat the coming cyberattacks. "Throughout the winter and into 2023, we will be working with our customers and in support of democracies to: Detect … Disrupt … Defend … Deter," it says.
The post signs off with a suggestion that, for its customers, it "encourages the use of strong cyber hygiene and the latest detection and response technology to reduce vulnerabilities to and recover from cyberattacks," which can be found in the 2022 Digital Defense report.