Microsoft says it informed the Ukrainian government about cyberattacks
Microsoft said Monday it's been informing Ukraine about cyberattacks on civilian and military targets, though the software maker didn't attribute the attacks to any specific actors.
“In recent days, we have provided threat intelligence and defensive suggestions to Ukrainian officials regarding attacks on a range of targets, including Ukrainian military institutions and manufacturers and several other Ukrainian government agencies,” Brad Smith, Microsoft's president, wrote in a blog post. “This work is ongoing.”
U.S. tech companies are responding in myriad of ways to Russia's invasion of Ukraine, which began late last week and has so far led to over 400 civilian deaths. Facebook owner Meta and Google parent Alphabet have announced efforts designed to tamp down misinformation on their platforms.
Microsoft said in the post that one of its primary responsibilities is to “help defend governments and countries from cyberattacks.” Smith said the company has employees in Russia, Ukraine and across the region.
On Feb. 24, before Russia launched its first missile strikes, Microsoft observed a new type of malware hitting Ukraine and delivered information to the country's government, which is a customer, Smith wrote. The attacks have been narrowly targeted, in contrast to the NotPetya ransomware virus that hit the broader Ukrainian economy in 2017, he added.
“But we remain especially concerned about recent cyberattacks on Ukrainian civilian digital targets, including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and energy sector organizations and enterprises,” Smith wrote. “These attacks on civilian targets raise serious concerns under the Geneva Convention, and we have shared information with the Ukrainian government about each of them.”
A Microsoft spokesperson did not immediately respond to a request for comment on the sources of the attacks.
Microsoft has also told the Ukrainian government about attempts to steal data, Smith wrote, and he said the company is removing state-run news company RT's apps from the Windows app store and “further” de-ranking its websites in Bing web search results.
微软周一表示,它一直在向乌克兰通报针对民用和军事目标的网络攻击,不过该软件制造商并未将这些攻击归咎于任何特定行为者。 “最近几天,我们向乌克兰官员提供了有关攻击一系列目标的威胁情报和防御建议,包括乌克兰军事机构和制造商以及其他几个乌克兰政府机构,”微软总裁布拉德史密斯在一篇博客文章中写道。 “这项工作正在进行中。”
美国科技公司正以多种方式应对俄罗斯入侵乌克兰,该行动于上周晚些时候开始,迄今已导致 400 多名平民死亡。 Facebook 的所有者 Meta 和谷歌的母公司 Alphabet 宣布了旨在遏制其平台上的错误信息的努力。
微软在帖子中表示,其主要职责之一是“帮助保护政府和国家免受网络攻击”。史密斯说,该公司在俄罗斯、乌克兰和整个地区都有员工。
史密斯写道,2 月 24 日,在俄罗斯发动首次导弹袭击之前,微软观察到一种新型恶意软件袭击了乌克兰,并将信息传递给了该国政府,该政府是其客户。他补充说,与 2017 年袭击整个乌克兰经济的 NotPetya 勒索软件病毒相比,这些攻击的目标狭隘。
“但我们仍然特别关注最近对乌克兰民用数字目标的网络攻击,包括金融部门、农业部门、应急响应服务、人道主义援助工作以及能源部门组织和企业,”史密斯写道。 “根据《日内瓦公约》,这些针对平民目标的袭击引起了严重关切,我们已与乌克兰政府分享了有关这些袭击的信息。”
微软发言人没有立即回应对攻击来源发表评论的请求。
史密斯写道,微软还向乌克兰政府通报了窃取数据的企图,他表示,该公司正在从 Windows 应用商店中删除国有新闻公司 RT 的应用,并“进一步”降低其网站在必应网络搜索结果中的排名。
