Microsoft Takes Down Russia’s Strontium Allies Attacking Ukraine

Need additional evidence that private organizations are playing a defining role in curbing and preventing nation-state cyberattacks? Just look at the actions Microsoft recently took to disrupt Russian GRU-connected Strontium’s attacks on Ukrainian targets. Tom Burt, Microsoft corporate vice president of customer service, wrote in a blog post that the tech giant had obtained a court order allowing it to take over seven internet domains used by Strontium to conduct attacks against Ukrainian institutions, including media. “We have since redirected these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications,” Burt said, noting that the group was also attacking government institutions and think tanks involved in foreign policy and located in the U.S. “The outcome of every war is defined by achieving many small victories; in this case, Microsoft took active steps to disrupt attacks on Ukrainian targets and is showing why we haven’t seen as much success in attacks by Russia as we have seen in previous conflicts,” said John Bambenek, principal threat hunter at Netenrich. “Russia’s playbook is pretty well-known and many organizations are pitching in to minimize or eliminate the impact these threat actors can have on Ukraine or affiliated entities.”

Read more : Microsoft Takes Down Russia’s Strontium Allies Attacking Ukraine.

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.