REDMOND, Wash. — It is quite the statement.
"The front line between Ukraine and Russia actually runs through Redmond, Washington," Microsoft President Brad Smith said.
Smith, for the first time, publicly discussed how the company helped fend off a Russian attack on Ukraine and how the Russians signaled they were about to launch a physical invasion.
"I think one of the interesting things that historians will ultimately ask is when did this war begin, and who saw the first shots that were fired? The conventional wisdom is that Russia invaded Ukraine starting on February 24. But the truth is, we started to see the cyberattacks unleashed on Ukraine February 23, the day before, and I think historians may well conclude that those were the first shots, and they were first seen, not in Ukraine itself, but in Redmond," Smith said.
Smith is referring to the Microsoft Threat Intelligence Center (TIC) and Digital Security Unit (DSU), which runs out of a top-secret facility in Redmond. The TIC tracks "nation-state actors" and the DSU analyzes the activity.
Smith said Microsoft, with its partnerships with Ukrainian officials on Windows platforms, was able to see those Russian nation-state actors using malware with names like 'FoxBlade' or 'DesertBlade' to attack the country.
These actors specifically targeted Ukraine's internet and nuclear capabilities, along with the electrical supply. The attacks targeted specific locations in territories near the capital city of Kyiv and eastern flank of Kharkiv. There were 22 attacks, according to Microsoft, in the first few days alone. One day in particular, the Russians deployed a malware attack on a a major Ukrainian broadcasting company, the same day it also physically attacked a TV tower.
The "special forces" tech team on the Eastside raced to write code for the Windows devices, which you could think of as a cyber "stinger missile" that Smith said successfully neutralized many of the attacks and kept Ukraine running.
"What we see is almost potentially an early warning signal. If the Russian military wants to go into a new site, it may try to take the computers down an hour before the troops start getting close, or they artillery shells start firing," he said. "It's a responsibility that we take very seriously. I think with each passing month of the war in Ukraine, we are learning new things, as one always does in a war about not just the way we can be more effective, but the need for us to be ever more effective."
Smith also added the war has made him reflect on when the Russians may have started testing such a method, and how that first dealt with how Russia spread misinformation.
"The person who first got me focused on this was Vladimir Zelenskyy. I was talking with him last September, when of course, he was president of Ukraine. He wasn't on everybody's mind the way he is today," Smith said. "What are you really seeing that causes concern? Where he immediately went was to describe how last January of 2021, the Ukrainians saw the Russians experiment with vaccine disinformation. They often use Ukraine as a training ground."
Smith continued, "We start by thinking this is about politics, it is, but it's about a whole lot more than politics. Especially when you have technology platforms that can enable a foreign authoritarian government to seek to erode confidence in a democratic society.”