Azure Updates: Microsoft assists Ukraine; Observability; Purview; Application Gateway

Microsoft President and Vice Chair Brad Smith issued a public statement about the ongoing war in Ukraine. He indicated that Microsoft plans to “clos[ely] coordinate” with the US, European Union, and Ukraine.

Several hours before the launch of missiles or movement of tanks on February 24, Microsoft’s Threat Intelligence Center (MSTIC) detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure. We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package (which we denominated FoxBlade), and provided technical advice on steps to prevent the malware’s success. (Within three hours of this discovery, signatures to detect this new exploit had been written and added to our Defender anti-malware service, helping to defend against this new threat.) In recent days, we have provided threat intelligence and defensive suggestions to Ukrainian officials regarding attacks on a range of targets, including Ukrainian military institutions and manufacturers and several other Ukrainian government agencies. This work is ongoing.

In contrast to the 2017 NotPetya attack, Microsoft has not seen widespread and indiscriminate malware attacks. Smith stated that Microsoft is sharing information with the US, EU, and Ukraine and has taken down Russian-state sponsored media from its platforms.