In a blog post yesterday, Microsoft announced they disrupted cyber-attacks conducted by Russian state actors targeting Ukraine. The attacks were coming from Strontium, a threat actor connected to Russian intelligence services that Microsoft has been tracking for years. Microsoft observed Strontium using seven domains to target Ukrainian media organizations. Microsoft stated, “On Wednesday, April 6th, we obtained a court order authorizing us to take control of seven internet domains Strontium was using to conduct these attacks.” This is not the only time Microsoft has observed Russian state actors targeting the Ukraine. Since the Russian invasion of Ukraine, Microsoft has observed nearly all known Russian-backed hackers conducting attacks on Ukrainian organizations. Russia has been conducting a full scale cyber assault on the Ukrainian government and the country’s critical infrastructure. Microsoft said they have been working closely with the Ukrainian government to notify them and help defend against the attacks.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that