Microsoft Details Efforts to Fight Russian Cyber Attacks Targeting Ukraine
Microsoft has detailed its latest efforts to tackle cyber attacks targetting organizations in Ukraine. The Redmond giant revealed that it had successfully disrupted a series of high-profile attacks by a Russian state-sponsored hacking group dubbed “Strontium.”
Strontium is one of the most popular APT groups worldwide that works closely with the Russian military intelligence agency known as the GRU. This particular group has previously carried out hacking and information warfare operations during the 2016 US presidential election. Additionally, Russian hackers were involved in a cyberattack targetting the opening ceremony of the 2018 Winter Olympic Games.
Microsoft uses sinkhole to block Russian cyberattacks
Microsoft explained in its press release that it had seized seven internet domains used by Strontium to conduct cyber attacks. Specifically, these domains were being to target Ukrainian media organizations, as well as EU and US government agencies and think tanks involved in foreign policy. The company received a court order on April 6 that allowed it to take control and re-direct these internet domains to a Microsoft-managed sinkhole.
According to Microsoft, the hackers wanted to gain long-term access to sensitive data and information stored within the internal systems of the targeted organizations. The company says that it has reported Strontium’s malicious activities to the Ukrainian government.
“This disruption is part of an ongoing long-term investment, started in 2016, to take legal and technical action to seize infrastructure being used by Strontium. We have established a legal process that enables us to obtain rapid court decisions for this work. Prior to this week, we had taken action through this process 15 times to seize control of more than 100 Strontium controlled domains,” explained Tom Burt, CVP of Customer Security & Trust.
Microsoft added that the latest Strontium attacks represent only a small portion of the cybercriminal activity observed during the ongoing war in Ukraine. The National Cyber Security Centre (NCSC) warned last week that organizations that criticize the Russian government or provide services to Ukraine are at greater risk of cyberattacks.
More in Active Directory
How to View the Attribute Editor in Active Directory
Sep 26, 2022 | Michael Reinders
How to Restore Active Directory
Sep 19, 2022 | Michael Reinders
How to Add a New Domain Controller to an Existing Domain
Sep 12, 2022 | Michael Reinders
How to Back Up Active Directory
Sep 6, 2022 | Michael Reinders
How To Install Active Directory Users And Computers: A Step-by-Step Guide
Aug 12, 2022 | Michael Reinders
Microsoft Launches New On-Premises Unified Update Platform To Manage Windows Updates
Jul 27, 2022 | Rabia Noureen
Most popular on petri