ArchiveOODA OriginalSecurity and Resiliency

Microsoft Reports on Russian Cyber War and Disinformation Efforts In Ukraine

Last week, Microsoft released a report with an assessment of the cyber lessons learned in Ukraine since the inception of the conflict.   A collaboration between Microsoft threat intelligence and data science teams, the report’s goals and conclusions are described in an Editor’s Note as:

  • Sharpening our understanding of the threat landscape in the ongoing war in Ukraine;
  • A series of lessons and conclusions resulting from the data gathered and analyzed;
  • New information about Russian efforts including an increase in network penetration and espionage activities amongst allied governments, non-profits, and other organizations outside Ukraine;
  • Details about sophisticated and widespread Russian foreign influence operations being used among other things, to undermine Western unity and bolster their war effort.   We are seeing these foreign influence operations enacted in force in a coordinated fashion along with the full range of cyber destructive and espionage campaigns; and 
  • A call for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, public sector, nonprofits, and civil society to come together. (1)

Brad Smith, President and Vice-Chair of Microsoft, went with a non-traditional approach to corporate communications by opening his forward to the report with a brief march through the role and history of military technology:

The recorded history of every war typically includes an account of the first shots fired and who witnessed them. Each account provides a glimpse not just into the start of a war, but the nature of the era in which people lived. 

Historians who discuss the first shots in America’s Civil War in 1861 typically describe guns, cannons, and sailing ships around a fort near Charleston, South Carolina.  

Events spiraled toward the launch of World War I in 1914 when terrorists in plain view on a city street in Sarajevo used grenades and a pistol to assassinate the archduke of the Austrian-Hungarian Empire.  

It would take until the Nuremberg war trials to fully understand what happened near the Polish border 25 years later. In 1939, Nazi SS troops dressed in Polish uniforms and staged an attack against a German radio station. Adolf Hitler cited such attacks to justify a blitzkrieg invasion that combined tanks, planes, and troops to overrun Polish cities and civilians. 

Each of these incidents also provides an account of the technology of the time — technology that would play a role in the war that ensued and the lives of the people who lived through it. 

The war in Ukraine follows this pattern. The Russian military poured across the Ukrainian border on February 24, 2022, with a combination of troops, tanks, aircraft, and cruise missiles. But the first shots were in fact fired hours before when the calendar still said February 23. They involved a cyberweapon called “Foxblade” that was launched against computers in Ukraine. Reflecting the technology of our time, those among the first to observe the attack were half a world away, working in the United States in Redmond, Washington.

As much as anything, this captures the importance of stepping back and taking stock of the first several months of the war in Ukraine, which has been devastating for the country in terms of destruction and loss of life, including innocent civilians.

While no one can predict how long this war will last, it’s already apparent that it reflects a trend witnessed in other major conflicts over the past two centuries. Countries wage wars using the latest technology, and the wars themselves accelerate technological change. It’s therefore important to continually assess the impact of the war on the development and use of technology. 

The Russian invasion relies in part on a cyber strategy that includes at least three distinct and sometimes coordinated efforts:

  • Destructive cyberattacks within Ukraine; 
  • Network penetration and espionage outside Ukraine; and
  • Cyber influence operations targeting people around the world.

This report provides an update and analysis on each of these areas and the coordination among them. It also offers ideas about how to better counter these threats in this war and beyond, with new opportunities for governments and the private sector to work better together.”  

A brilliant Forward by Mr. Smith and his team over at Microsoft.  On to the report…

To continue reading please consider joining as either a subscriber or full member to support our continued research and analysis. For more on benefits of membership see below.

Want more insight? Log in for the full report

Already a member?  Sign in to your account.

Become A Member

OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.

Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community

Daniel Pereira

Daniel Pereira

Daniel Pereira is research director at OODA. He is a foresight strategist, creative technologist, and an information communication technology (ICT) and digital media researcher with 20+ years of experience directing public/private partnerships and strategic innovation initiatives.