![](\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2022\/04\/15\/08\/stop-russia-2-shutterstock_1576413886-100924629-small.jpg\"\/)
<\/p>\n<\/p>\n
One of the big surprises in Russia\u2019s war against Ukraine has been how well Ukraine has fended off Russian cyberattacks<\/a>. Ad hoc groups of white-hat hackers have helped, as have a number of nations and the US government.<\/p>\n Less well known is that tech companies, including Microsoft, are part of the effort. That aid ranges from giving advice to identifying attacks, offering fixes for them, and providing Ukraine with free tech and security services.<\/p>\n Microsoft isn\u2019t just trying to help defend a country under siege from an aggressive, more-powerful neighbor. Russian cyberattacks against Ukraine can also get loose in the wild and do damage to enterprises and organizations that rely on Microsoft technology. (Russia could also deliberately target private companies with those attacks.)<\/p>\n By helping Ukraine, Microsoft also helps its customers \u2014 and it happens to be good PR, as well.<\/p>\n So just what kind of help does Microsoft give, and how might it help you or your organization? Here\u2019s what we know.<\/p>\n In April 2022, Microsoft\u2019s Digital Security Unit released a 21-page overview of Russian cyberattacks on Ukraine<\/a> up until that date, and detailed what Microsoft had done to help.<\/p>\n The day before the ground invasion began, Russia\u2019s military intelligence service, the GRU, \u201claunched destructive wiper attacks on hundreds of systems in Ukrainian government, IT, energy, and financial organizations,\u201d according to Microsoft.<\/p>\n The cyber assault didn\u2019t let up after that. Russia attempted to infiltrate, disrupt, and destroy government networks, sometimes in concert with missile attacks. It set out to damage vital IT hardware and resources and launched disinformation campaigns to sap Ukraine\u2019s will to fight. Russia poured a lot into these disinformation campaigns because, as the report explained it, many Russian military officials believe \u201coperations to degrade troop morale, discredit the leadership, and undermine the military and economic potential of the enemy via information means can at times be more effective than traditional weapons.\u201d<\/p>\n Microsoft offered a week-by-week account of Russia\u2019s cyberattacks and listed \u00a0some of the most dangerous pieces of malware being used, many of which target networks, Windows PCs, and .NET, Microsoft\u2019s open source developer platform<\/a>.<\/p>\n To fight back, Microsoft uncovered and tracked malware, and offered a variety of ways to defend against it and eradicate it. In some cases, the advice was surprisingly simple. For example, Microsoft recommended that Ukrainian organizations enable Windows\u2019 controlled folder access capabilities, which is turned off by default. Turning it on mitigates damage done by wiper malware. It also recommended the use of multi-factor authentication, which has paid off.<\/p>\n The company also studied how Ukrainian organizations use Microsoft\u2019s endpoint detection and response (EDR) solutions; based on what it found, the company offered alternatives that could be even more effective.<\/p>\n Microsoft\u2019s Tom Burt, corporate vice president for customer security and trust, said in a blog post last year<\/a> that Microsoft\u2019s Threat Intelligence Center (MSTIC) found wiper malware in more than a dozen Ukrainian networks, alerted the Ukrainian government to it, and opened a 24\/7 cybersecurity hotline to help fight it.<\/p>\n Microsoft has also helped Ukraine harden its computing infrastructure, notably by moving it to the cloud to keep it safe. Microsoft President Brad Smith explained to GeekWire<\/a> that the company spent $107 million \u201cto literally move the government and much of the country of Ukraine from on-premises servers to the cloud.\u201d The move also helped protect data centers Microsoft runs throughout Europe. According to Smith, this \u201chas been one of the indispensable elements in defending Ukraine.\u201d<\/p>\n Microsoft plans to continue its assistance. Smith said\u00a0the company will offer approximately $100 million in free tech aid and services to Ukraine in 2023<\/a>. (That\u2019s in addition to the estimated $400 million already spent.)<\/p>\n Keep in mind that Microsoft isn\u2019t the only company offering help; Amazon has done similar work using its considerable cloud expertise<\/a> and Google has offered cybersecurity and other kinds of aid<\/a>.<\/p>\n All this work by governments and private companies has paid off. Part of a New York<\/em> Times\u00a0<\/em>comprehensive investigation into how Russia has failed<\/a> focused on cyberwarfare. The story noted that before the war, \u201cOfficials in Washington, who had been working closely with the Ukrainians to bolster their cyberdefenses for years, had been holding their breath. States had mainly used hacking for acts of espionage and financial thievery, for subversion and sabotage. But nobody really knew how it would play out in a full-scale military conflict.\u201d<\/p>\n Here’s how it played out, the Times<\/em> concluded: Ukraine has so far defeated Russia in the cyberwar. Russia\u2019s once-feared hackers threw everything they had against Ukraine, including trying to shut down the power grid, disable government networks, and kill satellite communications.<\/p>\n They failed every time.<\/p>\n There are lessons here you can apply to your organization. Much of what Ukraine has done (with the help of governments and private industry) you can do on your own. Simple changes like using multi-factor authentication, turning on controlled folder access, and improving endpoint protection can go a long way to fending off hackers and cyberattacks. Keeping everything patched and up-to-date (which Microsoft also recommended to Ukraine) can pay off tremendously. A move to the cloud increases security as well.<\/p>\n You don\u2019t need to be on a war footing to do all that. But if you\u2019re going to succeed, it makes sense to act as though you\u2019re fighting a war against hackers. That\u2019s certainly what the hackers believe.<\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<\/p>\n