Microsoft: Cyberattacks in Ukraine Hitting Civilian Digital Targets
Microsoft is calling attention to a surge in cyber attacks on Ukrainian civilian digital targets, warning that the new “digital war” includes destructive malware attacks on emergency response services and humanitarian aid efforts.
The Redmond, Wash. software giant said the attacks on civilian targets raise serious concerns under the Geneva Convention.
“We remain especially concerned about recent cyberattacks on Ukrainian civilian digital targets, including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and energy sector organizations and enterprises,” said Microsoft president Brad Smith.
“These attacks on civilian targets raise serious concerns under the Geneva Convention, and we have shared information with the Ukrainian government about each of them,” Smith said in a statement published Monday.
[ READ: Symantec: Super-Stealthy ‘Daxin’ Backdoor is Chinese Threat Actor ]
“We have also advised the Ukrainian government about recent cyber efforts to steal a wide range of data, including health, insurance, and transportation-related personally identifiable information (PII), as well as other government data sets,” he added.
The Microsoft vice chairman described the Russian invasion as “tragic, unlawful and unjustified” and said Redmond’s cybersecurity researchers detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure just a few hours before the February 24 invasion.
The new malware attack, dubbed FoxBlade, was aimed at a range of targets, including Ukrainian military institutions and manufacturers and several other Ukrainian government agencies.
[ READ: Predictions: SecurityWeek’s 2022 Cybersecurity Outlook ]
“These recent and ongoing cyberattacks have been precisely targeted, and we have not seen the use of the indiscriminate malware technology that spread across Ukraine’s economy and beyond its borders in the 2017 NotPetya attack,” Smith explained.
Microsoft is also moving to block content from Russia’s state-owned media properties RT and Sputnik from its MSN.com and Microsoft Start platforms.
Redmond is also removing RT news apps from the Windows app store and de-ranking the company’s Bing search results so that it will only return RT and Sputnik links when a user clearly intends to navigate to those pages.
Smith said Microsoft is also banning all advertisements from RT and Sputnik across its ad network.
Related: Symantec: Super-Stealthy ‘Daxin’ Backdoor Linked to Chinese Threat Actor
Related: Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw
Related: Microsoft Office Zero-Day Hit in Targeted Attacks
Related: Predictions: SecurityWeek’s 2022 Cybersecurity Outlook