Microsoft Details Efforts to Fight Russian Cyber Attacks Targeting Ukraine

Microsoft has detailed its latest efforts to tackle cyberattacks targeting organizations in Ukraine. The Redmond giant revealed that it had successfully disrupted a series of high-profile attacks by a Russian state-sponsored hacking group dubbed “Strontium.”

Strontium is one of the most well-known APT groups worldwide and works closely with the Russian military intelligence agency known as the GRU. This particular group has previously carried out hacking and information warfare operations during the 2016 US presidential election. Additionally, Russian hackers were involved in a cyberattack targeting the opening ceremony of the 2018 Winter Olympic Games.

Microsoft uses sinkhole to block Russian cyberattacks

Microsoft explained in its press release that it had seized seven internet domains used by Strontium to conduct cyberattacks. Specifically, these domains were being used to target Ukrainian media organizations, as well as EU and US government agencies and think tanks involved in foreign policy. The company received a court order on April 6 that allowed it to take control of these internet domains and redirect them to a Microsoft-managed sinkhole.

According to Microsoft, the hackers wanted to gain long-term access to sensitive data and information stored within the internal systems of the targeted organizations. The company says that it has reported Strontium’s malicious activities to the Ukrainian government.

“This disruption is part of an ongoing long-term investment, started in 2016, to take legal and technical action to seize infrastructure being used by Strontium. We have established a legal process that enables us to obtain rapid court decisions for this work. Prior to this week, we had taken action through this process 15 times to seize control of more than 100 Strontium controlled domains,” explained Tom Burt, CVP of Customer Security & Trust.

Microsoft added that the latest Strontium attacks represent only a small portion of the cybercriminal activity observed during the ongoing war in Ukraine. The National Cyber Security Centre (NCSC) warned last week that organizations that criticize the Russian government or provide services to Ukraine are at greater risk of cyberattacks.