WASHINGTON — A wave of cyberattacks hitting Ukrainian government agencies and information-technology vendors has been traced back to hackers associated with Russia’s military intelligence service, the GRU, an official with Microsoft said in a blog post.
The ongoing digital belligerence is attributed to a group dubbed “Cadet Blizzard,” allegedly active since 2020, Tom Burt, corporate vice president for customer security and trust, said in the post. The company also connected the group to destructive data-wiping attacks that plagued Ukraine ahead of Russia’s invasion in February 2022.
Russia historically uses cyber to project power, soften targets and meddle in foreign affairs. An International Institute for Strategic Studies report in 2021 placed the country in tier two of its cyber powerhouse rankings, alongside China but behind the U.S.
In addition to targeting Ukraine, Cadet Blizzard is focusing efforts on NATO members that are funneling military aid into Eastern Europe, Microsoft said. Countries have committed billions of dollars in equipment, ordnance and combat vehicles to Ukraine to help battle back Russian forces.
“While it has not been the most successful Russian actor, Cadet Blizzard has seen some recent success,” Burt said in the post. “Microsoft’s unique visibility into their operations has motivated us to share information with the security ecosystem and customers to raise visibility and protections against their attacks.”
U.S. leaders have for more than a year urged the private and public sectors to step up their cybersecurity practices and keep an eye out for virtual irregularities.
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.