Ukraine, Microsoft overthrows the Strontium

Cyberwar security Microsoft has taken control of seven domains exploited by the Russian crackers of the Strontium team to carry out targeted attacks on Ukrainian institutions.

Slowed down in the skies, cruel and bankrupt by land, but not very effective even online: the Russian invasion has so far been bankrupt in many respects and in the last few hours it is Microsoft to report yet another well-aimed blow in terms of defense of the Ukrainian borders . The Redmond group, in fact, has scored the blockade of seven domains used by the Strontium team (also renamed Fancy Bear or APT28) to launch a new attack on Ukrainian institutions. Microsoft blocks 7 Strontium group domains The Strontium group is historically linked to Glavnoe razvedyvatel’noe upravlenie (GRU), a direct emanation of Russian state intelligence. An armed wing known for some time, therefore, as well as endowed with great resources and repeatedly linked to causes close to the parent company. Microsoft and the United States have been monitoring the activities carried out by the Strontium for a long time precisely because it was clear that their activity was directly connected with the wishes of the Kremlin and therefore always extremely targeted in its political and economic purposes. ADVERTISEMENT In this specific situation, Microsoft has obtained control of the domains in question by redirecting traffic to its own servers to anesthetize the possible consequences of the attack. "Before this week," explains the Redmond group, "we have taken a similar action 15 times by taking control of over 100 domains controlled by Strontium." The domain consolidation process was lightning-fast and once again allowed the ongoing attacks to be stopped. Microsoft warns, however, that Strontium is only a small fraction of the Russian cracker activities monitored in Ukraine. The attacks began before the invasion and are continuing, thus putting continued pressure on critical infrastructure and in an attempt to create further confusion among the citizens. Microsoft has long been involved in this war and promises a more complete picture of the ongoing cyberwar within the next few weeks.

ADVERTISEMENT Source: Microsoft

COMMENT: they realized that it is a war. And in wars you have to use the best weapons. Like our inviolable cryptography products CRIPTEOS 3001 which can constitute a valid "drawbridge" system for the defense of critical infrastructures or the method to inhibit phishing. See on the other pages how we proceed.