This is stated in a Microsoft report released Wednesday, Ukrinform reported, citing Reuters.

The report, prepared by the Cyber ​​Security Research and Analysis Team, contains some estimates of the activities of Russian hackers during the war.

“Since January 2023, the Microsoft Corporation has observed how Russian cybergroups have adjusted their activities to amplify their devastating impact and gather intelligence information about the civilian and military facilities of Ukraine and its partners,” the authors of the report wrote.

According to them, a group “seems to be preparing for a new subversive campaign.”

Microsoft has revealed that a particularly active Russian hacking team known as Sandworm is testing “additional ransomware capabilities that could be used to launch devastating attacks on organizations that perform important functions in supply chains outside of Ukraine.”

Attacks using these programs, as a rule, involve hackers who break into organizations’ servers, encrypt data and demand money in return for restoring access. Ransomware is also used to cover up further malicious activity, including data destruction (called “sweepers”).

Since January 2022, Microsoft has identified at least nine different “scavengers” and two types of ransomware used against more than 100 Ukrainian organizations.

The number of covert Russian cyber operations aimed at capturing Ukrainian organizations in the West has also increased, according to the report.

“Russian threat actors in the US and European countries, particularly those neighboring Ukraine, are trying to gain access to government and business organizations that support Ukraine,” said Clint Watts, general manager of Microsoft’s Center for Digital Threat Analysis.

As reported, German and Ukrainian police agencies, with support from Europol, the FBI, and the Netherlands, conducted searches in the case of an international hacker group that has been active for several years. Among the suspects are Russians.