Russia's Cyberattacks Thwarted by Ukraine, Microsoft, Google, and Western Intelligence

Russia's invasion of Ukraine is "the first full-scale battle in which traditional and cyberweapons have been used side by side," reports the New York Times. But the biggest surprise is that "many of the attacks were thwarted, or there was enough redundancy built into the Ukrainian networks that the efforts did little damage... more than two-thirds of them failed, echoing its poor performance on the physical battlefield."

Microsoft president Brad Smith says the ultimate result is Russia's attempted cyberatacks get underreported, according to the Times: [A study published by Microsoft Wednesday] indicated that Ukraine was well prepared to fend off cyberattacks, after having endured them for many years. That was at least in part because of a well-established system of warnings from private-sector companies, including Microsoft and Google, and preparations that included moving much of Ukraine's most important systems to the cloud, onto servers outside Ukraine....

In many instances, Russia coordinated its use of cyberweapons with conventional attacks, including taking down the computer network of a nuclear power plant before moving in its troops to take it over, Mr. Smith said. Microsoft officials declined to identify which plant Mr. Smith was referring to. While much of Russia's cyberactivity has focused on Ukraine, Microsoft has detected 128 network intrusions in 42 countries. Of the 29 percent of Russian attacks that have successfully penetrated a network, Microsoft concluded, only a quarter of those resulted in data being stolen. Outside Ukraine, Russia has concentrated its attacks on the United States, Poland and two aspiring members of NATO, Sweden and Finland...

But Microsoft, other technology companies and government officials have said that Russia has paired those infiltration attempts with a broad effort to deliver propaganda around the world. Microsoft tracked the growth in consumption of Russian propaganda in the United States in the first weeks of the year. It peaked at 82 percent right before the Feb. 24 invasion of Ukraine, with 60 million to 80 million monthly page views. That figure, Microsoft said, rivaled page views on the biggest traditional media sites in the United States. One example Mr. Smith cited was that of Russian propaganda inside Russia pushing its citizens to get vaccinated, while its English-language messaging spread anti-vaccine content. Microsoft also tracked the rise in Russian propaganda in Canada in the weeks before a trucker convoy protesting vaccine mandates tried to shut down Ottawa, and that in New Zealand before protests there against public health measures meant to fight the pandemic.
Russians successfully "sabotaged a satellite communications network called Viasat in the opening days of the war," notes the Washington Post, "with the damage spilling over into other European countries. But Ukraine, working with private tech companies, Western intelligence and its own expert software engineers, has quickly fixed most of the damage..."

"The close partnerships that have emerged between U.S. technology companies and Western cybersecurity agencies is one of the unheralded stories of the war...." "Cyber responses must rely on greater public and private collaboration," argues Brad Smith, Microsoft's president, in a new study... published Wednesday on Microsoft's "lessons learned" from cyber conflict in Ukraine. A White House cyber official explains the new cooperative approach this way: "Where companies see destructive attacks, that has driven partnerships with the intelligence community and other government agencies to see how best we can share information to protect infrastructure around the world." The tech world's sympathies lie with the underdog, Ukraine. That applies to giant firms such as Microsoft and Google....

Ukraine's cybersecurity defense benefited from an early start. U.S. Cyber Command experts went to Ukraine months before the war started, according to its commander, Gen. Paul Nakasone. Microsoft and Google became involved even earlier. Microsoft began monitoring Russian phishing attacks against Ukrainian military networks in early 2021, and through the rest of last year observed increasingly aggressive hacks by six different attackers linked to Russia's three intelligence services, the GRU, SVR and FSB, according to a Microsoft report released in April. Microsoft has spent a total of $239 million on financial and technical assistance to Ukraine, a company official said....

Google, a part of Alphabet, has also helped Ukraine fend off threats. Back in 2014, prompted by Russia's use of DDOS ("distributed denial-of-service") malware in its seizure of Crimea and eastern Ukraine, Google began what it called "Project Shield." Software protected news sites, human rights groups and election sites against crippling DDOS floods of junk internet messages. Today, Project Shield is used by 200 sites in Ukraine and 2,300 others in 140 countries around the world, according to Jared Cohen, the chief executive of Google's Jigsaw unit.

PR nonsense

[Anonymous Coward]

Microsoft is the biggest cloud provider that attacks my honeypots (Along with Amazon/OVH/Linode), not just port sweeps but full blown GBit dictionary attacks on
MSSQL/RDP/SSH/FTP/Telnet when i submitted abuse reports about them attacking my NYC server complete with their required packet captures (who has those), logfiles, times/dates.
they responded with.

"This message is to notify you that the Computer Emergency Response Team has reviewed your reported issue and has actioned it appropriately.

The activity reported is associated with a customer account within the Microsoft Azure service. Microsoft Azure provides a cloud computing platform in which customers can deploy their own software applications. Customers, not Microsoft, control what applications are deployed on their account. "

aka not our problem, aka we dont respond to abuse reports.
garbage like the submitted article is nothing but nonsense, they cant/wont even clean their own infrastructure and they want to claim they are helping Ukraine, LMAO

Re:

[Neuroelectronic]

I have the same problem with FB. They know these are spammers, but they're not sanctioned spammers. And that's what this basically amounts to, they don't want [us] to see Russian spam. All the other spam that makes them money is fine though.

The right solution for their customers is they block all spam, and don't block Russians from open forums like Amazon.com or social media. But that's never going to happen. There's no space left for competitors because the four horseman of big tech own the whole mobi

Re:

[znrt]

to claim they are helping Ukraine, LMAO

helping ukraine is all the rage now. sadly, with so much "help" there won't be single house left standing soon. still good business it seems ...

Re:

[gtall]

Ya, those naughty Russian missiles have nothing to do with it.

Critical Systems should never be connected

[Canberra1]

Critical systems should never be on the internet, and air-gapped. I have zero tolerance for idiots. A layered approach, and a honeypot are good. Maybe the ruskies are better at dis-information, and are feeding the trolls. This canned response/report from MS is disturbing. They are meant to enforce terms of service. They are meant to help law enforcement for documented criminal activity. And their own customers, by having this on their own servers, means low latency for the attackers - against MS clients. Wi

That's great but...

[Xenographic]

That's nice and all, but how are they going to get back all the land Putin stole?

Once Russia fortifies it, it'll be as hard for Ukraine to take as Russia and I don't think Ukraine has as many bodies to throw at the problem.

Re:

[Anonymous Coward]

you can contradict the official narrative but that does not make whatever disjointed conspiracy ladeled nonsense somebody comes up with true either.

this alternative narratve takes all agency away from russia, that they couldn't possibly make any decisions on their own for their own motives. the western powers are the grandmasters in control of everything, which brings the question, why go through this trouble to begin with, if russia is so easy to manipulate why not just get rid of putin and install a lead

Re:

[znrt]

a link to a lecture from a "Distinguished Service Professor in Political Science", and to an interview with a military analyst who is also a celebrated and decorated whistleblower, both absolutely on topic, ... that's flamebait now ...

well, thanks for amply proving the point about the official narrative, i guess ... :D

Re:

[StevenMaurer]

John Mearsheimer is a well known academic crank who is quite literally channeling Neville Chamberlin in his advocacy for a "peace in our time" appeasement of Putin, selling out the Ukrainians to be brutally subject to Russian genocide. He's garnered an academic title from his career engaging in so-called "realism" (which amounts to little more than anti-democratic-government ranting and advocacy for abandoning all moral considerations [newstatesman.com]), but his opinion is just about the very definition of "flamebait".

And El

Re:

[znrt]

well, this is some disjointed and furibund mix of rambling and ad-hominem, obviously inconsequential to the the points made by the speakers. the saddest part is that it isn't even funny. but it is ofc way better than abusing the moderation system to suppress opinion, so thanks for the effort. and spreading the word! :)

Re:That's great but...

[quonset]

Oddly enough, by declaring a "special military operation", Putin has put himself into a bind. Legally, conscripts in the Russian army are not allowed, and can refuse, to fight outside the country unless a war is declared. Which is exactly what is happening. If you've been following the news, as a result of this self-inflicted gunshot to the foot, Russia has widened the age and physical requirements for people to serve in an attempt to get more cannon fodder. Men as old as 65 [rferl.org] are now allowed to serve. Does that remind you of another country which launched a war against its neighbor?

Russia originally had roughly 180K troops when it invaded Ukraine at the end of February. Obviously, those were not all combat troops since the largest part of any military is the support troops (artillery, supply, medical, etc). That number did not include the terrorists in the occupied territories. Russian military doctrine is heavily reliant on artillery/rockets and tanks, and much less so on infantry. As a result of this configuration, the only way for Russian troops to move forward is after the artillery levels an area. Once engaged with opposing troops, Russian troops have shown themselves to be woefully outclassed.

As a result, Russia is bleeding men and does not have the capability of replenishing/reconstituting their units with the result being severly low levels of combat capabilities. Reports have come in that of the original 1,000 or so troops comprising a battalion tactical group, some BTGs now only have 300 troops total, and in a few intercepted phone and radio messages, Russian troops claim they only have 30 or so men left, rendering that BTG non-existent. This is in addition to the staggering loss of equipment. Russia has recently pulled from deep storage T-62 tanks [businessinsider.com]. These were developed in the 60s and are wholly inadequate in any modern conventional war. Even worse, it now appears Russia is runing low on ammuntion. Just yesterday reports came in that 100 box cars of ammuntion [mil.in.ua] were loaded in Belarus for delivery to Russian troops. And none of the above takes into consideration Russia's inability to adequately supply their troops with food or basic necessities, including medical care.

Conversely, Ukraine has approximately 600K troops under arms. While a large portion of these are territorial defense troops and people with severly limited experience, they can rotate these troops into more stable areas to both gain experience and allow front line troops to be pulled for R&R. I can't find the interview, but Igor Gurkin, a one-time head of the terrorist "government" in occupied Ukraine made a statement that the longer this goes on the stronger Ukraine will become. He explicitly cited the large number of troops Ukraine can draw on compared to the number of troops Russia both has and can use. He also cited the continuing support of the West to supply Ukraine with weapons which are superior to Russian weapons. The recent delivery of HIMARs to Ukraine, which have already been used to strike C&C and ammuntion/supply dumps far behind enemy lines, attests to this superiority.

;tldr, Russia is almost out of options. Even if they halt all offensive operations and dig in, it will only be a matter of time before they are worn down. They haven't been able to rotate their combat troops from frontline duty so exhaustion is setting in which leads to low morale and reduced combat effectiveness. They are unable to reconstitute units with both men and equipment. Their logistics are shit. Conversely, Ukraine has shown itself to be far superior in every way imaginable to Russian troops and with continuing aid from the West will, and have been, making gains recapturing territory. Next month will be very interesting. Expect large changes in territorial control in favor of Ukraine.

Re:

[Xenographic]

> Oddly enough, by declaring a "special military operation", Putin has put himself into a bind. Legally, conscripts in the Russian army are not allowed, and can refuse, to fight outside the country unless a war is declared.

Somehow I just don't think that Putin is going to be all that bothered by declaring war and they've been getting more effective over time, not less. Yes, they initially screwed up pretty badly, but they're taking territory again and Ukraine is retreating. Maybe things will reverse ag

Re:That's great but...

[quonset]

Yes, they initially screwed up pretty badly, but they're taking territory again and Ukraine is retreating.

No and no. What Russia is "taking" is a few square kilometers of territory after weeks of fighting during which they continue to incur outsized losses in men and equipment. Until the last day or so, they were only gaining meters on the ground, less than a kilometer per day. That is not taking territory. That's using cannon fodder until the other guy runs out of ammunition.

Urkainian is "retreating" in the sense they are no longer fighting over a destroyed town. Having accomplished the goal of tying down the bulk of Russian forces at one particular spot for over a month, Ukraine is moving its troops to more defensible prepared positions against which Russia will once again have to spend weeks, if not months, trying to overcome, during which time their already exhausted troops will continue to be whittled down.

Meanwhile, Ukraine pushed Russian troops back from outside Kharkiv and are nearing the international border. They are also now able to start interdicting supply lines northeast of their furthest postion. West of Ilyzum, they are tying down Russian troops with a counter-offensive and are closing in on the town. If they are able to sustain their push, they can either force Russia to divert more troops to hold their position or force Russia to retreat from the town which would mean a huge blow to supply capabilities since that town is used as part of the current eastern campaign.

A little further south in Donetsk, another Ukrainian counter-attack has pushed Russian troops and their proxies back several kilometers. This push is pointed in the direction of Maiupol, though it's a long way from that destroyed city. Regardless, Russia now has to figure out how much effort it's going to put into protecting this area.

And finally, the counter-attack in the south near Kherson is proceeding. Althought Ukraine lost the one bridgehead, they have pushed Russian troops back by several kilometers in multiple areas. In fact, Ukrainian troops are about 18 kilometers away from Kherson proper. In response, Russia is rushing (see what I did there?) troops from Crimea to the area to prevent the collapse of the lines. Yes, they are digging in, but Ukraine has been able to use its (limited) air force to attack troop concentrations and equipment because Russia has focused its efforts in the East. Combined with Ukrainian artillery, Russia is losing substantial number of troops it can ill-afford to lose.

In short, Ukraine has recaptured more territory than it's lost, and with dwindling Russian capabilities, expect to see more advances by Ukraine in July with the possibility a collapse of the Russian lines in one area.

Re:

[Xenographic]

> Taking advantage of the US stealth air power could create a situation where the US totally denies they did anything attacks.

I think they'd know who it is given that very few people have advanced stealth bombers.

It's kinda like poisoning someone with polonium, it's not the sort of thing that too many people can get their hands on, you know?

Re:

[Iamthecheese]

You're implying Putin won't declare war if things get worse for Russia. What do you base this belief on? Also I disagree with your opinion that Russia can't at least hold the territory it already has, even without declaring war. If they get desperate enough they can man other boarders with conscripts and less effective equipment and use that part of their real military to hold territory. And keep holding it until the Russian military builds back up. Especially if China has their back. What's going to keep R

Re:

[quonset]

If they get desperate enough they can man other boarders with conscripts and less effective equipment and use that part of their real military to hold territory

In the end, it won't make a difference other than to draw out the conflict. Russia only had 380K troops in their regular army. That is people under uniform. When taking into consideration their current troop levels, they have committed almost a third of their entire military force during which time they've lost almost a dozen generals, over 50 col

Re:

[Hognoxious]

Russia needs to keep a significant portion of its army at home to prevent rebellion. It'll be like 1917 where it couldn't happen until it couldn't not happen.

Re:

[VeryFluffyBunny]

Occupying Ukraine for any length of time would be extremely costly & not particularly productive. Unless they want to seize the considerable untapped natural gas deposits & extract them for themselves, so maybe that's the plan? But I somehow doubt it. Either there's more to this invasion than is coming out in the media or the Putin regime has made a really big mistake. Well, at least the oil & gas companies are making out like bandits. But that's at everyone else's expense.

Re:

[Neuroelectronic]

Silly thing, this is really the only way to do it, if you don't trust your staff at all.

This is just the internet's natural proclivity

[Neuroelectronic]

This is just the internet's natural proclivity to route around damage.

another fat 'Summary'

[swell]

Weighing in at 763 words, this is another meandering summary from Slashdot. As usual, no editorial effort is expended to make the site useful or readable. After struggling thru this useless tome, I had no strength left to check whether any links are actually accessible. My tired eyes could barely scan the top replies. Anyone whose time is worth more than $5/hr should be spending it somewhere else that has thoughtful content presented in readable format.

Highest returns

[mnemotronic]

I'm guessing that the propaganda has the highest long-term returns. You can find and remove malware. It's harder to find and remove opinions formed as the result of propaganda. And they have Twitter, Facebook and Rupert Murdoch's media empire working for them. For free.

Me too

[LeeLynx]

Microsoft tracked the growth in consumption of Russian propaganda in the United States in the first weeks of the year.

I noticed a lot of it in the comment threads here.

Re:

[whoever57]

I noticed a lot of it in the comment threads here.

I see Russian propaganda posted here, but I have to wonder if that is really due to Russian government action. Are there really enough eyeballs on /. to merit spending resources to post propaganda?