Half of the 128 organizations targeted are government agencies and 12% are nongovernmental agencies, typically think tanks or humanitarian groups, according to the 28-page report. Other targets include telecommunications, energy and defense companies.
Microsoft said Ukraine's cyber defenses "have proven stronger" overall than Russia's capabilities in "waves of destructive cyberattacks against 48 distinct Ukrainian agencies and enterprises." Moscow's military hackers have been cautious not to unleash destructive data-destroying worms that could spread outside Ukraine, as the NotPetya virus did in 2017, the report noted.
"During the past month, as the Russian military moved to concentrate its attacks in the Donbas region, the number of destructive attacks has fallen," according to the report, "Defending Ukraine: Early Lessons from the Cyber War." The Redmond, Washington, company has unique insight in the domain due to the ubiquity of its software and threat detection teams.
Microsoft said Ukraine has also set an example in data safeguarding. Ukraine went from storing its data locally on servers in government buildings a week before the Russian invasion — making them vulnerable to aerial attack — to dispersing that data in the cloud, hosted in data centers across Europe.
The report also assessed Russian disinformation and propaganda aimed at “undermining Western unity and deflecting criticism of Russian military war crimes” and wooing people in nonaligned countries.
Using artificial intelligence tools, Microsoft said, it estimated "Russian cyber influence operations successfully increased the spread of Russian propaganda after the war began by 216 percent in Ukraine and 82 percent in the United States.”