
Last week, Microsoft released a report with an assessment of cyber lessons learned in Ukraine since the start of the conflict. The result of a collaboration between Microsoft’s threat intelligence and data science teams, the report’s objectives and conclusions are described in an editor’s note as:
- Sharpen our understanding of the threat landscape in the ongoing war in Ukraine;
- A series of lessons and conclusions resulting from the data collected and analyzed;
- New information about Russian efforts, including increased network penetration and espionage activity among allied governments, nonprofits, and other organizations outside of Ukraine;
- Details of sophisticated and widespread Russian foreign influence operations used, among other things, to undermine Western unity and bolster their war effort. We see these foreign influence operations enacted into force in a coordinated manner with the full range of cyber destruction and espionage campaigns; and
- A call for a coordinated and comprehensive strategy to strengthen collective defenses – a task that will require the private sector, the public sector, non-profit organizations and civil society to come together. (1)
Brad Smith, president and vice president of Microsoft, took a non-traditional approach to corporate communications by opening his foreword to the report with a brief overview of the role and history of military technology:
“The recorded history of each war usually includes an account of the first shots fired and who witnessed them. Each story gives insight into not just the start of a war, but the nature of the times in which people lived.
Historians who discuss the first shots of the American Civil War in 1861 typically describe guns, cannons, and sailboats around a fort near Charleston, South Carolina.
Events chained to the outbreak of World War I in 1914 when prominent terrorists on a street in Sarajevo used grenades and a pistol to assassinate the Archduke of the Austro-Hungarian Empire.
We will have to wait for the Nuremberg war trials to fully understand what happened near the Polish border 25 years later. In 1939, Nazi SS troops dressed in Polish uniforms and staged an attack on a German radio station. Adolf Hitler cited such attacks to justify a blitzkrieg invasion that combined tanks, planes, and troops to overrun Polish cities and civilians.
Each of these incidents also provides an account of the technology of the time – technology that would play a role in the ensuing war and in the lives of those who lived through it.
The war in Ukraine follows this pattern. The Russian military crossed the Ukrainian border on February 24, 2022, with a combination of troops, tanks, aircraft and cruise missiles. But the first shots were actually fired hours earlier when the calendar still showed February 23. It was a cyberweapon called “Foxblade” that was launched against computers in Ukraine. Reflecting the technology of our time, those among the first to observe the attack were on the other side of the world, working in the United States in Redmond, Washington.
More than anything, it shows the importance of stepping back and taking stock of the first months of the war in Ukraine, which was devastating for the country in terms of destruction and loss of life, including innocent civilians.
Although no one can predict how long this war will last, it is already evident that it reflects a trend seen in other major conflicts over the past two centuries. Countries fight wars using the latest technologies, and wars themselves accelerate technological change. It is therefore important to continuously assess the impact of war on the development and use of technology.
The Russian invasion relies in part on a cyber strategy that includes at least three separate and sometimes coordinated efforts:
- Destructive cyberattacks in Ukraine;
- Network penetration and espionage outside Ukraine; and
- Cyber influence operations targeting people around the world.
This report provides an update and analysis of each of these areas and the coordination between them. It also offers ideas on how to better counter these threats in this war and beyond, with new opportunities for governments and the private sector to work better together.”
A brilliant foreword from Mr. Smith and his team at Microsoft. Let’s get to the report…