+49 2641 3703 – 0 +49 2641 3703 – 199 info@moench-group.com

Microsoft Disrupts Russian Cyberattacks

Strontium Hacking Group Linked to GRU

Microsoft says it has disrupted cyberattacks launched against targets in Ukraine by Russia’s military intelligence agency (the GRU), claiming “nearly all of Russia’s nation-state actors” have been involved in cyber warfare against the country.

Tom Burt, VP for Consumer Security and Trust, says Microsoft has observed attacks targeting Ukrainian entities by the hacking group Strontium, which he described as “a Russian GRU-connected actor we have tracked for years.

On 6 April, Microsoft obtained a court order giving it control of seven internet domains Strontium was using to co-ordinate the attacks. These were redirected to a Microsoft-controlled sinkhole, limiting the hackers use of the domains, and allowing Microsoft to notify victims of the attacks. Burt said the company has “established a legal process that enables us to obtain rapid court decisions,” noting the process has been used on 15 previous occasions to seize control of over 100 Strontium-controlled domains.

Entities targeted, according to Burt, include media organisations, government institutions, and “think tanks in the United States and the European Union involved in foreign policy […] We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information. We have notified Ukraine’s government about the activity we detected and the action we’ve taken.

He further stated the Strontium attacks are “just a small part of the activity we have seen in Ukraine. Before the Russian invasion, our teams began working around the clock to help organizations in Ukraine, including government agencies, defend against an onslaught of cyberwarfare that has escalated since the invasion began and has continued relentlessly. Since then, we have observed nearly all of Russia’s nation-state actors engaged in the ongoing full-scale offensive against Ukraine’s government and critical infrastructure.” The company says it expects to provide “a more comprehensive look at the scope of the cyberwar in Ukraine” in coming weeks.

 

The exterior of Microsoft's Cybercrime Centre Forensics Lab. (Microsoft)

Related Posts

Publish date

04/11/2022

Sign up to our newsletter and stay up to date.

News

Air

C4ISR

Components / Systems

Cyber

Defence Business

Homeland Security

International Security

Land

Latin America (Spanish)

Logistics

Naval

Training & Simulation

Space

Special Forces

Unmanned

Publications

Contact Us

Contact Info

Mönch Verlagsgesellschaft mbH
Christine-Demmer-Straße 7
53474 Bad Neuenahr – Ahrweiler

+49 2641 3703 – 0

+49 2641 3703 - 199

Follow On

X