Part 2- War in Ukraine : The Operation

Since the outbreak of war in Ukraine last February, the whole world seems to be holding its breath in the face of an escalating conflict that is generating ever-increasing international fallout. Of course, we all fear the worst, that a nuclear bomb will be triggered leaving behind an unprecedented massacre. However, another threat looms, that of cyberattack.

Indeed, the digital shift in recent years has given way to significant new vulnerabilities that leave no one immune. Not even in Canada, hundreds of miles from the conflict. Whether it is our governmental or private entities, today everything goes through technology. A powerful dependence with a harmful side since a cyber attack has the power to destabilize the target on all fronts: economic, military, governmental, social, and perhaps even environmental.

Can you imagine the repercussions if our provincial or federal government was infiltrated by Russian cyber criminals? The public safety of Canadians would be in horrendous shape.

But before thinking of the worst, it is crucial to understand the operation of a Russian cyberattack to prevent them and thus better thwart them.

And for that, let us backtrack a little…


According to media reports, Russia formally invaded neighboring Ukraine on February 24, 2022, however the first (and direct) offensive took place the day before, on February 23. This time not by military intervention and bombing, but by digital infiltration. In other words, utilizing a cyberattack.

According to a report from Microsoft, the former USSR attacked its enemy with a cyber-weapon called “FoxBlade” directly infiltrating Ukraine’s digital infrastructure and that, only a few hours before the armed invasion. The FoxBlade software is ransomware that aims to collect confidential data so that the victim gives in to the demands of cybercriminals.

In this case, Russia was surely trying to force the hand of Ukraine to change its positions on the international level and, more precisely, its relationship with the European Union and the rest of the West.

Fortunately, Microsoft was able to detect the Russians’ activities and quickly alerted the Ukrainian government.

However, even before the digital invasion, the Ukrainian government was somewhat prepared for such an eventuality since the Russians have a worldwide reputation for using cybercrime to reach their target. To counter this, Ukraine quickly integrated its digital infrastructure in the public cloud. The data was therefore protected in computer centers throughout Europe. Without this maneuver, events would have taken an entirely different turn. But beyond ransomware like FoxBlade, what kinds of cyber operations are we at risk of being exposed to?

The operation

As mentioned above, Russia holds a reputation for being adept at cyberattacks with the aim to expand its power. However, there are different steps to this operation and according to an analysis report from Microsoft, the Russian cyber strategy relies on three separate efforts:

§  Targetted cyberattack Russia’s first step is to infiltrate the computer network of the opposing government to harvest essential and confidential data. When the operation is successful, cybercriminals have access to the country’s infrastructure and can now thwart the strategies of the enemy.

Subsequently, Russia targets private companies in the country and since cybersecurity is less rigorous than at the governmental level, the criminals take hold and wreak havoc. In the case of Ukraine, Microsoft reveals that 48 agencies and companies were the target of destructive cyberattacks.

§  Network penetration and espionage: the second stage consists of targeting the allies of the opposing camp. The goal is to spy on the activities of various nations and thus minimize their efforts. Still according to Microsoft, the former Soviet Union targeted 128 organizations, half of them government entities, across 42 countries. The United States, Norway, Denmark, Poland, Finland, and other NATO members are among them.

§  Cyber influence: An effective and certainly dangerous tactic dating from the Cold War and the KGB, which consists of infiltrating the network of the opposing camp to gradually influence the public opinion of citizens towards their government. Thanks to this maneuver, the targeted country gradually loses its credibility on the international level and plunges into instability at the national level. In the case of Ukraine, the Russians are working tirelessly to destroy the country’s reputation. Thus, creating an information war.

Support the cause

We are strong believers in peace. And that is why, for years, we have been supporting the initiative of Mr. Brad Smith of Microsoft for a Digital Geneva Convention.

As digital technology is an integral part of our lives, these essential services must be protected, just like our institutions in times of peace.

You can read more on the subject on the Microsoft France CSO blog:

Article available in French only: https://experiences.microsoft.fr/articles/cybersecurite/cyberespace/


The conclusion

This conflict affects us all in some way. Not only are we approaching a recession, but NATO countries are also under attack. Admittedly, these attacks do not affect lives, but they put our businesses at risk.

Be vigilant and keep your systems safe!

You own a business and you would like to know if you are protected accordingly: Answer this Questionnaire


#Cybersecurity #cyberattacks #cyberwar #Ukrainewar #cybercriminals