A Blizzard Is Impacting NATO and Ukraine – The Latest on Russian Cyber Threats

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two Microsoft security researchers to analyze the latest Russian nation-sponsored cyber threat activity. They discuss how Russian threat actors—collectively referred to by Microsoft with the Blizzard suffix—are primarily targeting Ukraine and NATO member states, focusing on espionage, influence operations, and cyber disruption. The conversation covers Russia’s reliance on cybercrime infrastructure, the vulnerabilities of academic and IT supply chains, and the evolving tactics of groups like Secret Blizzard and Seashell Blizzard.  

In this episode you’ll learn:      

• Why 90% of Russian cyber-attacks target Ukraine and NATO member states 
• How Russian threat actors exploit academic identities to infiltrate government networks 
• The role of cybercriminal marketplaces in supplying tools and access to nation-state actors 

Some questions we ask:     

• How does Secret Blizzard leverage infrastructure from other threat groups? 
• Is there evidence of collaboration between different Russian cyber groups? 
• Why is identity security such a critical factor in cyber defense? 

Resources:  

• Attending RSAC? Connect with Sherrod and Microsoft 
• View Sherrod DeGrippo on LinkedIn  

Related Microsoft Podcasts:                   

• Afternoon Cyber Tea with Ann Johnson 
• The BlueHat Podcast 
• Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.