Microsoft is playing an active role in monitoring the ongoing conflict between Russia and Ukraine and is working to share relevant threat intelligence information with its customers and the broader security community. The company aims to increase global awareness and enhance collective cyber defenses by tracking Russian cyber and influence operations during the conflict.
According to Microsoft, Russia has been adapting and testing new ways to gain an advantage on the battlefield and strain Ukraine’s domestic and external resources. The company has observed a new phase of the war characterized by Russia regaining its operational footing and preparing to engage in digital media and video propaganda to capitalize on war fatigue.
Throughout the conflict, Russia has targeted military and civilian populations with propaganda aimed at weakening Ukraine’s resolve and deepening local divisions. Microsoft has observed Russian influence operations which use digital channels, such as social media, to spread propaganda and erode trust, increase polarization, and threaten democratic processes. From March to October 2023, Moscow’s influence efforts included the use of novel tactics on social media to reach wider audiences.
On the cyber front, Microsoft has observed threat actors affiliated with Russian military intelligence (GRU) engaging in cyberespionage operations against the Ukrainian military and its foreign supply lines. Additionally, groups linked to Russia’s Foreign Intelligence (SVR) and Federal Security (FSB) services have been observed targeting war crimes investigators within and outside of Ukraine.
Recent activities by Russian state media and state-aligned influence actors have sought to exploit the Israel-Hamas war to promote anti-Ukraine narratives, anti-US sentiment, and exacerbate tension among the involved parties. There are concerns that Russia may be using international events to distract the West from the conflict in Ukraine.
Looking ahead, Microsoft warns that if Ukraine is to continue resisting the invasion, it will require a steady supply of weapons and worldwide support. The company believes that Russian cyber and influence operators are likely to intensify efforts to demoralize the Ukrainian population and degrade Kyiv’s external sources of military and financial assistance.
One potential target for Russian threat actors is the upcoming US presidential election and other major political contests in 2024. Microsoft believes that Russian influence actors may attempt to turn the political tide away from elected officials who champion support for Ukraine, using a mix of video media and AI-enabled content.
To protect its customers in Ukraine and worldwide from multi-faceted threats, Microsoft is working to integrate advances in AI-driven cyber defense and secure software engineering. The company is also deploying resources, in addition to a core set of principles, to safeguard voters, candidates, campaigns, and election authorities worldwide as more than two billion people prepare to engage in the democratic process over the next year.
In addition to updating its security products, Microsoft is also committed to sharing information to encourage vigilance against threats to the integrity of the global information space. For more information on the latest global threat intelligence and other emergent cyber threats, visitors can access Microsoft Security Insider.
In essence, Microsoft is actively monitoring the conflict between Russia and Ukraine and sharing relevant threat intelligence with its customers and the broader security community. The company recognizes the adaptability and evolving tactics of Russian cyber and influence operations and is working to enhance collective cyber defenses to address these challenges.