Details are still emerging about what the U.S. government described as a “power collaboration” teaming private companies, including Microsoft, with the National Security Agency against Russian cyberattackers. The NSA cybersecurity officials’ work with Microsoft and others was intended to stop Russia dead in its tracks before devastating attacks could eviscerate Ukrainian networks and serve as a launchpad for an assault on the United States, according to U.S. officials.
“These interactions made big impacts defending Ukrainian networks, as Ambassador Fick noted,” Mr. Joyce said. “They also broadly addressed capabilities that could be used against U.S. government, industry and critical infrastructure. The unique NSA insights, partnered with industry’s visibility and capacity to act is a power collaboration, making us all safer at scale.”
After Russia’s assault on Ukraine began, however, an expected large-scale cyber conflict did not immediately materialize. Senate intelligence committee Chairman Mark Warner, Virginia Democrat, said in March 2022 that the government could not fully explain the lack of a major cyberattack. Microsoft has decided to hide details of its work with the U.S. intelligence community from public view. After initially saying that Microsoft corporate Vice President of Security and Trust Tom Burt would speak with The Times, the company later refused to make him or anyone else available for an interview.
“Mandiant has been working with our partners in Ukraine and elsewhere since before the invasion to protect our customers and community from Russian cyber espionage and cyberattack,” said Mandiant executive John Hultquist in a statement. “Within the context of this campaign and others we have found that an intelligence lead approach is effective in identifying threats and even thwarting attacks.”
The group’s government website defines its success stories as including the creation of a “Russia-Ukraine Tensions Plan” in early 2022, running a tabletop exercise gaming out its execution, and creating a list of free cybersecurity tools. Big tech companies are not shy about disclosing their assistance to Ukraine and are expected to reveal more in the coming days as the one-year anniversary of Russia’s invasion approaches.
In December, Microsoft’s Clint Watts said Russian military intelligence-affiliated cyberattackers had struck at energy, water, and other infrastructure organizations’ networks while missiles took out power and water supplies. He also said destructive cyberactivity had spread outside Ukraine to Poland, in a potential effort to halt supplies and weapons moving into the country.
No doubt, no choice; teamwork.