Tech giant Microsoft (MSFT) provided tech and monetary assistance to Ukraine as it fought against cyber attacks from Russia.
The company made both financial and technological commitments to Ukraine as it was invaded by Russia in February. Microsoft promised a total of $239 million in assistance, including $107 million to "literally move the government and much of the country of Ukraine from on-premises servers to the cloud," Microsoft President Brad Smith said in an interview with GeekWire last week at his office in Redmond, Washington.
The Russian government has engaged in malicious cyber activities to suppress various political and social activity, according to the Cybersecurity and Infrastructure Security Agency (CISA).
The Russian state-sponsored cyber actors have the ability to "compromise IT networks; develop mechanisms to maintain long-term, persistent access to IT networks; exfiltrate sensitive data from IT and operational technology (OT) networks; and disrupt critical industrial control systems (ICS)/OT functions by deploying destructive malware," CISA said in May.
Spread Malware
Russia remains "one of the world’s major cyber powers," Smith said.
Microsoft moved Ukraine's services and data to the cloud and also in European data centers. Other tech companies also provided the country with cyber security assistance, including Amazon ((AMZN)) and Google ((GOOGL)).
"I think this has been a rallying cry and a unifying opportunity for our industry to really add not just value but extraordinary protection to more than 40 million people who need it," he said.
By providing defensive protection against cyber attacks and dispersing data into the cloud, Microsoft helped Ukraine avoid attacks on threat intelligence and endpoint protection.
Russia's global influence via cyber attacks has been immense - its network attempted to penetrate 128 organizations in 42 countries in an effort to "promote Russia’s war aims," Smith said.
Microsoft does have its own security issues due to flaws in its software.
But Smith said the cyber attacks in Ukraine were not able to take advantage of vulnerabilties in Microsoft's software.
"These were classic cases of people trying to enter a network, often through phishing and other efforts," he said. "They were efforts to then penetrate a network and spread malware, once one had access to a network domain."
Stay Ahead
Microsoft needs to stay ahead of the game when it comes thwarting cyber criminals from penetrating its software, services and products, Smith said.
"And I think it’s fair to say, it’s even right to say, that the world keeps changing. And we need to keep changing with it, to properly protect the security of people using Microsoft products and services," he said.
One solution that Microsoft turned to quickly in May was allowing multi-factor authentication and changing some default settings.
"One of the concerns, even criticisms, that some people had was that we were not doing everything we could to protect people using our products, because we didn’t turn on so much by default," Smith said. "And we listened to that, and we made a change."
Placing more data in the cloud and less on-premises is "likely to better serve customers and better protect security," he said.
When a company's services are in the cloud, there is more visibility to potential or on-going attacks than ones ocurring in a server or on-premises.
"And a lot of what we were able to do to help defend customers in Ukraine or say, you know, in outside Ukraine with these most recent Russian network penetration efforts is find things in the cloud," Smith said.