Russia Appears To Be Preparing For More Ransomware Attacks, Microsoft Warns

In a February report on the cyber threats in Ukraine, Alphabet Inc.’s Google said that cyber campaigns by Sandworm, which it calls FrozenBarents, “seem designed to advance Russian strategic objectives and respond to changes in Russian intelligence requirements throughout the conflict.”

The attack was “testing the international community’s ability to attribute espionage operations to Moscow” or the reaction of Ukraine’s allies to a targeted destructive attack outside Ukraine by deploying ransomware on Poland’s transport system, Microsoft said.

The ransomware attack on Polish and Ukrainian transport services in October, attributed to Sandworm, may have been “a trial balloon” for further attacks, the report said. Russian hackers have been accused of bombarding Ukrainian institutions with “wiper malware” and DDoS attacks, a campaign that began even before President Vladimir Putin ordered troops to invade more than a year ago.


Russian hackers targeted European military and transport organizations in newly discovered spying campaign | CNN Politics

Russian military-linked hackers targeted — and in some cases successfully infiltrated — the networks of European military, energy and transportation organizations in an apparent spying campaign that went undetected for months as the war in Ukraine raged, Microsoft told its customers in a report obtained by CNN.

Read More


Russian hackers preparing new cyber assault against Ukraine – Microsoft report

Russian hackers appear to be preparing a renewed wave of cyber attacks against Ukraine, including a “ransomware-style” threat to organizations serving Ukraine’s supply lines, a research report by Microsoft said on Wednesday.

Read More


Russian Cyberspies Abuse EU Information Exchange Systems in Government Attacks

Russia-linked APT29 was seen abusing the legitimate information exchange systems used by European countries in attacks aimed at governments.

Read More