- ITDM 2025 전망 | “비전을 품은 기술 투자, 모두가 주춤한 시기에 진가 발휘할 것” 컬리 박성철 본부장
- 최형광 칼럼 | 2025 CES @혁신기술 리터러시
- The Model Context Protocol: Simplifying Building AI apps with Anthropic Claude Desktop and Docker | Docker
- This robot vacuum and mop performs as well as some flagship models - but at half the price
- Finally, a ThinkPad model that checks all the boxes for me as a working professional
Russian Military Preparing New Destructive Attacks: Microsoft
Russia is readying another destructive cyber-assault on Ukraine, and could expand its targets to include organizations outside the country supplying Kyiv, according to Microsoft.
Microsoft Threat Intelligence revealed the news in a new report: A year of Russian hybrid warfare in Ukraine.
It said that Sandworm, a unit linked to Russian military intelligence agency GRU, is preparing to follow its Foxblade and Caddywiper efforts last year with new wiper malware.
“As of late 2022, the threat actor may also have been testing additional ransomware-style capabilities that could be used in destructive attacks on organizations outside Ukraine that serve key functions in Ukraine’s supply lines,” it added.
“The Prestige ransomware operation against a Polish firm in late 2022 provides a precedent for such attacks.”
In fact, both Prestige and a separate variant, “Sullivan,” have been linked to Sandworm. Attacks using these malware types may have been attempts to test the reaction of Ukraine’s allies to a targeted destructive attack outside Ukraine, Microsoft claimed.
In a similar way to NotPetya, ransomware is used as a cover for what is actually a destructive attack.
Microsoft said it had observed Russian threat activity against organizations in at least 17 European countries and some in the Americas between January and mid-February this year.
“While these actions are most likely intended to boost intelligence collection against organizations providing political and material support to Ukraine, they could also, if directed, inform destructive operations,” it argued.
At the same time, Russian operatives have been continuing to wage an information war against Ukraine and its allies. They have been stoking fears that Moldova could be next in line for invasion, with the government there even accusing Moscow of plotting to overthrow the current pro-EU administration.
A “hack-and-leak” operation targeting Moldovan politicians is also aimed at sowing distrust between Europeans and their governments, Microsoft warned.