IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Big Tech enters fight against Russia's multi-pronged cyber offensive

Microsoft, Google, Meta, and Twitter have implemented measures to help dampen the impact of Russia's cyber attacks on Ukraine

Big tech companies including Microsoft, Google, Meta, and Twitter have all taken proactive measures to disrupt the cyber attacks on Ukraine coming from Russian and Belarusian actors across multiple fronts.

Microsoft announced on Monday that it had discovered a brand-new strain of malware targeting Ukraine called FoxBlade. Not much is known about the new strain as of yet, but it’s the third strain of malware that has been found to be targeting organisations in Ukraine and the second identified by Microsoft.

FoxBlade indicators of compromise (IoCs) were shared immediately with Ukraine and protections against the malware were added to Microsoft Defender within three hours of discovery, Microsoft said.

Previous strains targeting Ukraine include HermeticWiper and WhisperGate, the latter of which dates back to January. Both of these strains are classed as ‘destructive malware’, involving a process of infection and data wiping. Experts have previously identified increasing use of these data wipers and predict continued use throughout 2022.

Microsoft said the malware-based cyber attacks have mainly been “precisely targeted” ones, different from the indiscriminate 2017 NotPetya malware operation which also affected Ukraine.

The company has also implemented measures to stop the spread of disinformation - another core tactic deployed by Russia in cyber space.

Microsoft, along with other big tech giants, has targeted Russia Today (RT) and Sputnik, two of the most prominent state-sponsored media outlets in Russia, and placed restrictions on their global reach.

These included blocking all content on Microsoft Start platforms such as MSN.com, de-ranking Bing search results, and removing RT news apps from the Windows Store.

Meta also announced on Monday that it had taken down a coordinated network of individuals carrying out inauthentic behaviour on Facebook.

The network was run by people based in Russia and Ukraine, Meta said, and involved the running of fake news websites and creating false personas across a variety of social media platforms.

Related Resource

The best defence against ransomware

How ransomware is evolving and how to defend against it

Blue padlock Free download

“Our investigation is ongoing, and so far we’ve found links between this network and another operation we removed in April 2020, which we then connected to individuals in Russia, the Donbas region in Ukraine and two media organizations in Crimea - NewsFront and SouthFront, now sanctioned by the US government,” said Meta.

Facebook’s parent company also said it observed the long-tracked Ghostwriter hacking group targeting Facebook users, trying to break into their accounts to share videos portraying Ukrainian soldiers as weak and surrendering to Russia. 

Shane Huntley of Google’s Threat Analysis Group (TAG) said his team has been tracking Ghostwriter for longer than a year and most recently observed it launching phishing attacks against the Ukrainian government.

Google has also blocked Russian state-backed media outlets from earning revenue on the YouTube platform, while also recommending their content to users less often, the company told Reuters on Saturday.

Separately, the EU announced that it is developing tools to ban the Kremlin’s “media machine” from spreading “lies” and “their toxic and harmful disinformation” to “justify Putin’s war”.

Twitter also said last week that it is “actively monitoring for risks associated with the conflict in Ukraine”, including disinformation campaigns, while announcing that it has suspended advertisements in Ukraine and Russia to ensure public service information is elevated.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021
Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Microsoft to double salary budget to retain workers
Careers & training

Microsoft to double salary budget to retain workers

17 May 2022