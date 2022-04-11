Microsoft takes credit for stopping Russia-connected cyberattacks

By on
Microsoft takes credit for stopping Russia-connected cyberattacks

Microsoft took credit for disrupting cyberattacks this week conducted by an attacker connected with Russia and aimed at organizations in Ukraine, the United States and European Union.

The tech giant stopped the attacks on Wednesday, according to a blog post.

Strontium – also known as Fancy Bear or APT28 – known for its connection to the Russian government, launched attacks on media organizations in Ukraine, government institutions and think tanks in the U.S. and E.U. involved in foreign policy and other entities.

“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” according to the post. “We have notified Ukraine’s government about the activity we detected and the action we’ve taken.”

CRN USA has reached out to Microsoft for comment.

Strontium and “nearly all of Russia’s nation-state actors” have been attacking Ukraine’s government and critical infrastructure, according to Microsoft.

“In the coming weeks we expect to provide a more comprehensive look at the scope of the cyberwar in Ukraine,” according to the post, authored by Tom Burt, Microsoft’s corporate vice president for customer, security and trust.

Microsoft used a court order to take control of seven Strontium internet domains used in the attacks and re-directed the domains to a virtual sinkhole, according to the post.

Microsoft has been taking “legal and technical action” against Strontium since 2016, according to the post. In 2019, Microsoft announced that it had notified democratic institutions, think tanks and nonprofit organisations in Europe about Strontium attacks targeting 104 accounts.

“We have established a legal process that enables us to obtain rapid court decisions for this work,” according to the post. “Prior to this week, we had taken action through this process 15 times to seize control of more than 100 Strontium controlled domains.”

Microsoft is among a group of tech companies to rethink business with Russia and Belarus because of the invasion of Ukraine.

In January, Microsoft announced a destructive malware operation that pummelled the Ukrainian government.

This week, the FBI stopped a Russian-government-backed botnet aimed at taking down small- to medium-sized businesses and home-office networks using technology from WatchGuard.

This article originally appeared at crn.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2018 The Channel Company, LLC. All rights reserved.
Tags:
microsoft software

Partner Content

Inside your marketing tipping point
Inside your marketing tipping point
Service SA and Service Tas select Knosys knowledge management solution
Service SA and Service Tas select Knosys knowledge management solution
Coates' new asset management system boosts work site efficiency
Coates' new asset management system boosts work site efficiency
Better together: Veeam on AWS speeds Australian business through the cloud
Better together: Veeam on AWS speeds Australian business through the cloud
Here's why ASUS's NexGen MiniPC PN63-S1 is so versatile
Here's why ASUS's NexGen MiniPC PN63-S1 is so versatile

Sponsored Whitepapers

Endpoint Detection and Response
Endpoint Detection and Response
How to put your infrastructure into overdrive
How to put your infrastructure into overdrive
MSPs: Stack your solutions
MSPs: Stack your solutions
Learn 6 key ways to drive success in FY22
Learn 6 key ways to drive success in FY22
Grow your software revenue by selling these 5 affordable, essential tools for the modern workplace
Grow your software revenue by selling these 5 affordable, essential tools for the modern workplace

Most Read Articles

Calibre One acquired by Brisbane-based Azentro Group

Calibre One acquired by Brisbane-based Azentro Group
Better together: Veeam on AWS speeds Australian business through the cloud

Better together: Veeam on AWS speeds Australian business through the cloud
NetApp CEO roasts rivals Dell and HPE

NetApp CEO roasts rivals Dell and HPE
Kaseya to acquire Datto for US$6.2b

Kaseya to acquire Datto for US$6.2b

Log In

Email:
Password:
  |  Forgot your password?