Cyberattacks on emergency response services and humanitarian aid go beyond the wartime rules nations agreed on.
Microsoft has an obligation to help defend governments and countries from cyberattacks, Brad Smith, the company’s President & Vice Chair, said in a blog post.
“Seldom has this role been more important than during the past week in Ukraine, where the Ukrainian government and many other organizations and individuals are our customers,” writes Smith.
According to him, several hours before Russia invaded Ukraine, Microsoft’s Threat Intelligence Center (MSTIC) detected offensive cyberattacks directed against Ukraine’s digital infrastructure and informed the officials.
While Microsoft hasn’t observed any cyber-spillover to other countries outside of Ukraine, the company is concerned about cyberattacks on Ukrainian civilian digital targets.
Examples of targets include the financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and energy sector organizations and enterprises.
“These attacks on civilian targets raise serious concerns under the Geneva Convention, and we have shared information with the Ukrainian government about each of them,” Smith writes.
Reports from people trying to leave Ukraine show that potential attacks against infrastructure forced Ukrainian officials to resort to using ‘pencil and paper’ to process thousands of civilians fleeing the country.
Microsoft also observed attempts to steal various types of data, including health, insurance, transportation-related personally identifiable information (PII), and government data sets.
The company also says it works to protect against state-sponsored disinformation campaigns. Smith writes that some of the information undermines truth and sows distrust.
“We are moving swiftly to take new steps to reduce the exposure of Russian state propaganda, as well to ensure our own platforms do not inadvertently fund these operations,” Smith wrote.
Following a recent decision by the EU, Microsoft platforms will stop displaying Russian state-sponsored content from RT and Sputnik.
“We are removing RT news apps from our Windows app store and further de-ranking these sites’ search results on Bing so that it will only return RT and Sputnik links when a user clearly intends to navigate to those pages,” Smith said.
The company also wows to use its technology, skill, and resources to assist in humanitarian response efforts, with the first actions guided towards supporting the International Committee of the Red Cross (ICRC).
Russian invasion
On the night of February 24, Russian forces invaded Ukraine. Numerous cyberattacks preceded the invasion.
In January, researchers discovered a set of malware dubbed WhipserGate that affected government organizations in Ukraine.
Last week security researchers discovered that attackers deployed a disk-wiping malware, dubbed HermeticWiper, shortly before Russian forces crossed the Ukrainian border.
CISA released an advisory on the malware that targeted organizations in Ukraine, with recommendations and strategies to prepare for and respond to the threat.
More from Cybernews:
Russian ransom gang’s data leaked
Hackers breach Rosatom, Russia’s state nuclear energy corporation
Russia vs Ukraine: is big tech choosing sides?
A sophisticated Chinese hacking tool evaded attention for a decade – research
A simultaneous breach: dealing with two ransomware groups on the same day
Subscribe to our newsletter
