Microsoft warns to stay vigilant and prepare for cyber attacks from Russia this winter. With missiles, drones, and cyber attacks, the onslaught against Ukraine has been brutal and will reportedly get worse in the coming months.

"Moscow is intensifying its multi-pronged hybrid technology approach to pressure Kiev's military and political sources of support," Microsoft said in a recent blog post (opens in new tab) (via Bleeping Computer (opens in new tab (via Bleeping Computer (opens in new tab)).

"Recent attacks in Poland suggest that Russian state-sponsored cyberattacks may increasingly be used outside of Ukraine to undermine foreign-based supply chains.

In late October, Russian forces were pushed out of areas they once occupied and retaliated with missiles, drones, and cyber attacks, leaving large parts of Kiev in need of simple water supplies.

The Russian ATP group known to Microsoft as IRIDIUM, also known as Sandworm (open in new tab), is believed to be working with the GRU, a Russian intelligence agency, in a concerted effort to inflict suffering on the Ukrainian people. The group has been active for almost a decade, as Microsoft notes that "after Russia's annexation of Crimea in 2014, IRIDIUM launched a series of winter operations against Ukraine's electricity suppliers, cutting power to hundreds of thousands of citizens in 2015 and 2016."

Winter, of course, provides a powerful complement to attacks on infrastructure that cause power outages. For many, power outages mean no heating. For this reason, attacks are expected to increase, especially in winter. [Microsoft reports that the Sandworm deployed Prestige ransomware in logistics and transportation in Poland and Ukraine. Microsoft explains that this was the "first war-related cyberattack against an entity outside of Ukraine since the Viasat KA-SAT attack at the start of the invasion."

It has intensified since then, but Microsoft has offered a plan to counter the coming cyber attacks. This winter and into 2023, Microsoft will work with customers to support democracies by: detecting... Disrupt... Prevent... Deterrence."

The post concludes with the suggestion for customers to "encourage the use of strong cyber hygiene and the latest detection and response technologies to reduce vulnerability to and recover from cyber attacks."