Microsoft gives away '$400m in cloud support' to Ukraine
Freedom isn't free
The Ukraine government will continue to be able to run its digital infrastructure through the Microsoft Cloud for free in 2023, the tech giant confirmed today.
In a blog post, Microsoft president Brad Smith said that technical support will continue to be available to the embattled country and could add up to as much as $100 million for the year and bring the cost of Redmond's financial support for Ukraine to more than $400 million across all software systems.
Smith appeared with Mykhailo Fedorov, Ukraine's vice prime minister and minister of digital transformation, during a press conference at the annual Web Summit in Lisbon, Portugal, to announce the continued support.
Microsoft is among a large number of tech vendors who have lent support to the country since Russia's illegal invasion started in February. Russia has made a point of attacking Ukraine's infrastructure, including its IT capabilities, and conducted a cyber warfare campaign against its smaller neighbor even before fighting broke out officially.
The help going into Ukraine from tech companies on the outside has touched myriad sectors. For example, Microsoft and its search and cloud rival Google addressed misinformation coming from Russia by blocking state media in the country, like Sputnik and RT.
Companies like Amazon, Apple, and Salesforce donated millions of dollars in humanitarian support, and SpaceX's Starlink – with the help of the US government – has kept broadband satellite services available. Internet access is a critical component of the country's military defense.
The group behind recent cyber attacks on Ukrainian military institutions is expanding the range of products it's spoofing to deploy the remote access trojan dubbed RomCom RAT.
Researchers with BlackBerry's Threat Research and Intelligence Team said in a report this week that the criminals have started including fake versions of legitimate software SolarWinds Network Performance Monitor, KeePass's password manager, and Adobe PDF Reader Pro.
This adds to the rogue Advanced IP Scanner application that the BlackBerry analysts wrote the group was using in another report last week.
According to the latest report, Ukrainian entities are still the primary target but the UK also may be in the gang's sights.
"Given the geography of the targets and the current geopolitical situation, it's unlikely that the RomCom RAT threat actor is cybercrime-motivated," they wrote.
The RomCom threat group creates spoofed websites that look like legitimate properties and have a similar domain name. They create trojanized versions of the real applications which they upload to the decoy site and send targeted phishing emails to victims.
"The continued defense of Ukraine depends in part on a critical digital alliance of countries, companies and nonprofits," Microsoft's Smith wrote. "By dispersing digital infrastructure into the public cloud, Microsoft and others have supported critical Ukrainian services through datacenters across Europe."
Doing so has been critical to "protecting the resilience and security of Ukraine's data and digital services even in the face of Russian cruise missile and other kinetic attacks on Ukraine's government datacenter and other physical assets," he wrote.
Running technology services in the cloud is part of Microsoft's efforts, but the company also is supporting humanitarian efforts in Ukraine, Poland, and other European countries. It's also delivering data and support to international organizations that are helping Ukraine investigate Russian war crimes against Ukrainian civilians, Smith wrote.
It also is helping with Ukraine's ongoing cyber security protection. Its Threat Intelligence Center last month noted a novel ransomware called Prestige that was targeting transportation and logistics industries in Ukraine and Poland. ®