Russia Appears To Be Preparing For More Ransomware Attacks, Microsoft Warns

In a February report on the cyber threats in Ukraine, Alphabet Inc.’s Google said that cyber campaigns by Sandworm, which it calls FrozenBarents, “seem designed to advance Russian strategic objectives and respond to changes in Russian intelligence requirements throughout the conflict.”

The attack was “testing the international community’s ability to attribute espionage operations to Moscow” or the reaction of Ukraine’s allies to a targeted destructive attack outside Ukraine by deploying ransomware on Poland’s transport system, Microsoft said.

The ransomware attack on Polish and Ukrainian transport services in October, attributed to Sandworm, may have been “a trial balloon” for further attacks, the report said. Russian hackers have been accused of bombarding Ukrainian institutions with “wiper malware” and DDoS attacks, a campaign that began even before President Vladimir Putin ordered troops to invade more than a year ago.

CNN

Russian hackers targeted European military and transport organizations in newly discovered spying campaign | CNN Politics

Russian military-linked hackers targeted — and in some cases successfully infiltrated — the networks of European military, energy and transportation organizations in an apparent spying campaign that went undetected for months as the war in Ukraine raged, Microsoft told its customers in a report obtained by CNN.

Reuters

Russian hackers preparing new cyber assault against Ukraine – Microsoft report

Russian hackers appear to be preparing a renewed wave of cyber attacks against Ukraine, including a “ransomware-style” threat to organizations serving Ukraine’s supply lines, a research report by Microsoft said on Wednesday.

SecurityWeek