Bottom line: Microsoft claims it detected network intrusions from Russian hackers on systems belonging to government agencies, think tanks, humanitarian groups, as well as telecommunications, energy, and defense companies. Organizations from over 40 countries have allegedly been affected by these attacks since the beginning of the war in Ukraine.
According to a new report by Microsoft, Russian intelligence agencies have significantly increased the frequency of their cyberattacks against countries allied with Ukraine. Russian hackers are not only targeting government systems but also other sectors that might have valuable information related to the war, such as think tanks, businesses, and aid groups.
The company has identified over 100 organizations from 42 countries outside Ukraine affected by these attacks. Over 60 percent of this activity reportedly involves NATO members, with the US being the primary target for Russian network intrusions. Cybercriminals are also focusing on Poland due to being a hub for delivering most of the military and humanitarian aid.
Interestingly, Estonia was an exception among Baltic states, as Microsoft didn't detect any Russian cyber intrusions since the invasion of Ukraine. The company says this is due to Estonia's adoption of cloud services, where it's allegedly easier to detect intruders.
Microsoft found that Russian hacks are successful 29 percent of the time, with a quarter of these successful attacks resulting in actors stealing data from an organization's networks.
Finally, Microsoft praised Ukraine's efforts in data safeguarding. Before the war, the country's public-sector digital infrastructure was running on servers physically located within its borders, making them vulnerable to missile attacks. The Ukrainian government quickly realized this was a massive vulnerability and worked to transfer its vital digital operations and data to the cloud, hosted in data centers across Europe.
Microsoft recently announced it's laying off hundreds of employees in Russia as it's winding down its business there. The company also recently blocked users in the country from downloading Windows from its servers.