Microsoft, Ukraine, and the Future of Cybersecurity Amidst Global Conflict

Last Wednesday, Microsoft’s Threat Intelligence Center alarms blazed as a never-before-seen piece of malware appeared aimed at Ukraine’s government ministries and financial institutions. Amazingly, Microsoft was able to update its virus detection systems and were updated to block the malicious code which was built to ‘wipe’ data on computers in a network.

Why this matters? 

Typically tech giants do not involve themselves in global disputes or conflicts, however, Microsoft was asked by European nations to provide tthe updated code to prevent the malware attacks so that Ukrainian and other Baltic regions would be safe from Russian cyberattacks. This is a significant boundary to cross as Washington for years has discussed the need for public/private partnerships to thwart destructive cyberattacks. 

What Microsoft has to say.

Brad Smith, Microsoft’s president had this to say about the recent attacks, which highlight the change in tone from what is a normally a neutral response to global, political matters: “We are a company and not a government or a country.” “[Yet] These recent and ongoing cyberattacks have been precisely targeted, and we have not seen the use of the indiscriminate malware technology that spread across Ukraine’s economy and beyond its borders in the 2017 NotPetya attack. But we remain especially concerned about recent cyberattacks on Ukrainian civilian digital targets, including the financial sector, agriculture sector, emergency response services, humanitarian aid efforts, and energy sector organizations and enterprises. These attacks on civilian targets raise serious concerns under the Geneva Convention, and we have shared information with the Ukrainian government about each of them. We have also advised the Ukrainian government about recent cyber efforts to steal a wide range of data, including health, insurance, and transportation-related personally identifiable information (PII), as well as other government data sets.

How will this impact the future of IT? 

Cyberwarefare has been around since the Cold War, but there have been no regulations within the Geneva Convention over who can be targeted. The recent attacks on Ukrainian insitutions like their emergency response systems, humanitarian efforts and agricultural program raise serious concerns. 

Conclusion 

Cybersecurity will continue to be extremely important during both war and peace time, but the recent events surrounding the cyberattacks on Ukraine will begin to muddle the future for how tech giants position themselves during global conflict. We could very likely see private companies play a pivotal role in conflict, similar to how Ford Motor Company provided Humvees during World War 2.