Amid the war in Ukraine, Russia has increased its cyber-attacks on Nato nations by 25 per cent over the past year. According to the latest analysis by Microsoft, nine of the top 10 countries most affected by Russian state cyber-activity were members of the Nato alliance. The attacks are coming at a time when the Kremlin has escalated its “hybrid war” against European countries.
The tech giant noted that these attacks against NAO nations increased by a quarter compared with the previous year. According to their assessment, the US was the most targeted region, accounting for 20 per cent of all attacks, followed by the UK at 12 per cent, and Ukraine, the only non-NATO member in the top 10.
While Microsoft declined to give exact details of Russian state hostility, it maintained that most of these attacks targeted the government sector, followed by research and academia, and think tanks and non-governmental organisations. Amy Hogan-Burney, a vice-president for cybersecurity policy at Microsoft, said the company expected to “continue to see activity across many NATO-based areas”.
Meanwhile, experts and politicians warned that Russia is conducting “ hybrid warfare” – the term for a range of unconventional tactics such as drone incursions, sabotage, or cyber-attacks that occupy a “grey zone” between peace and war – against Nato members.
The victims of the attack
Last month, Eliza Manningham-Buller, former head of British spy agency MI5, warned that the UK may already be at war with Russia because of the intensity of cyber-attacks and other hostile activity orchestrated by Moscow against the UK. Buller said it was a “different sort of war, but the hostility, the cyber-attacks, the physical attacks, the intelligence work is extensive”.
Some of the other Nato nations were severely affected by Russia-linked incidents in Poland. The country recently witnessed 19 unarmed Russian drones crossing into its airspace last month. Meanwhile, Denmark was forced to close its airports due to unidentified drones. In another incident last month, NATO intercepted three Russian MiG-31 fighter jets that violated Estonia’s airspace over the Baltic Sea in a 12-minute incursion.
Microsoft added in its annual digital defence report that Russia was using its highly active cybercriminal community to advance its aims. It is pertinent to note that Russia’s cybercriminal activity is most commonly associated with ransomware attacks, which have crippled businesses and public bodies worldwide.
In its latest assessment, the tech giant noted that it had observed the Russian state tapping into the cybercrime ecosystem to gain access to targets, using its malicious software or proxies to carry out attacks. Jamie MacColl, a senior research fellow at the Royal United Services Institute (RUSI) thinktank, told The Guardian that while the revelation is concerning, it is not surprising.
“It is not surprising, given the general uptick in Russian covert, and sometimes overt, action against Nato member states over the past 12 months. The way states use their cyber operations mirrors their broader approach to statecraft, so it makes sense these attacks are increasing,” MacColl said.
