Not only has Russia seen setbacks on the battlefield in Ukraine, it's not faring well in the less-obvious cyberwar either. One reason: Russia's ally Belarus was still using Windows XP to keep the trains running on time. When Russia launched its all-out attack against Ukraine in February, the world expected the invaders to roll over the country quickly. That didn’t happen, and Ukraine today, though still under assault, has so far thwarted Russia’s ambitions to conquer it. Russia has also been fighting a quieter war against Ukraine, a cyberwar, deploying what had been considered the most feared state-sponsored hackers in the world. And in the same way that Ukraine has fended off Russia’s military might, it’s been winning the cyberwar as well. In that cyberwar, as always, the terrain is primarily Windows, because it represents the largest and most vulnerable attack surface in the world. The facts about what exactly is going on have been shadowy. But there’s plenty of evidence that Ukraine may keep the upper hand. Windows XP and the initial Russian invasion The first loss Russia suffered in the cyberwar came at the very beginning of its invasion — in fact, even before the invasion began. Russia used the extensive railways of its partner in the war, Belarus, to rush soldiers, tanks, heavy weapons and other war materiel to the Ukraine border. Once the invasion began, it used the same railroads as a primary supply chain for its troops, and to send more tanks and weapons into Ukraine. But then came the Cyber Partisans, a hacktivist group of exiled Belarus tech professionals that had for years been fighting Belarussian dictator Grigoryevich Lukashenko. At the first signs of the Russian buildup, the Cyber Partisans attacked the Belarussian train system, slowing troop movements, supplies and weaponry. They worked in concert with Belarusian railroad workers and dissident Belarusian security forces. The “Washington Post” notes that they played “a role in fueling the logistical chaos that quickly engulfed the Russians, leaving troops stranded on the front lines without food, fuel and ammunition within days of the invasion.” Thanks to that chaos in the face of fierce of Ukrainian resistance, the Russians couldn’t take the Ukraine capital Kyiv and other cities in the north of the country. Eventually they turned their attention to the south and east. The Cyber Partisans were successful, in part, because Belarus’s train system runs on the more-than-year-20-old Windows XP, a hacker’s best friend. Cyber Partisans spokesperson Yuliana Shemetovets explained to Vice in a video, “Tanks cannot be transported by planes. Heavy artillery cannot be transported by planes. So, they do need to use these trains. Cyber Partisans attack the internal network of the railway systems, as well as equipment, software, and any databases that are associated with the railway systems…. Windows XP is a really old program and it can be easily attacked…. One of the reasons it was so easy to hack these systems is because Lukashenko prefers loyalism over professionalism. They didn’t secure the systems. So, as much as people admire the work of Cyber Partisans, we should also state that it was not that hard to hack, because Lukashenko’s regime disregarded simple cybersecurity practices.” The Cyber Partisan reveled publicly in what they did, at point tweeting screenshots of the hacked Belarus train software and calling it, “An outdated piece of crapware that runs on Windows XP.” Ukrainians step up The Cyber Partisans aren’t the only ones involved in the cyberwar against Russia. The Ukrainians are, too — and there’s evidence they’ve held off what has long been considered the perhaps most fearsome cyberwarriors in the world: Russian intelligence agencies and the hacking groups they support. A Microsoft report found plenty of evidence that Russia is engaged in a “hybrid war,” using soldiers and weaponry in tandem with cyberattacks and the online spread of misinformation. For example, the report found the Russians targeted a government agency with malware in coordination with hitting government buildings with missile strikes. As the Russians turned their ground and missile attacks towards the east and south, they also coordinated cyberattacks there. Throughout the war, many of the Russian attacks targeted Windows machines. Russian hackers frequently used the Windows utility SecureDelete to, in the words of Microsoft, “permanently delete data from targeted devices.” Tom Burt, who oversees Microsoft’s investigations into the biggest and most complex cyberattacks, says of the Russian cyberattacks: “They brought destructive efforts, they brought espionage efforts, they brought all their best actors to focus on this…. It’s definitely the A-team.” The “New York Times” reports, “…Ukrainian defenders were able to thwart some of the attacks, having become accustomed to fending off Russian hackers after years of online intrusions in Ukraine…. Ukrainian officials said they believed Russia had brought all of its cyber-capabilities to bear on the country. Still, Ukraine managed to fend off many of the attacks.” Burt added: “Ukrainians themselves have been better defenders than was anticipated, and I think that’s true on both sides of this hybrid war. They’ve been doing a good job, both defending against the cyberattacks and recovering from them when they are successful.” This doesn’t mean, of course, that the Ukrainians will eventually win the cyberwar or the physical war. But the evidence so far shows they can at least hold their own in the cyberwar with the Russians, which bodes well for their future. Related content news analysis Chasing business and partnerships, Apple goes APAC Apple CEO Tim Cook’s week-long visit to Indonesia, Vietnam, and Singapore highlights how the company continues to explore new opportunities in global markets. By Jonny Evans Apr 19, 2024 4 mins Manufacturing Industry Apple Vendors and Providers news Microsoft reminder: Support for Office 2016 and 2019 ends next year Older versions of Office apps and servers will no longer get security updates as of October 2025 — when Windows 10 also reaches end of support. By Matthew Finnegan Apr 19, 2024 3 mins Microsoft Office Microsoft Office Suites news Google consolidates AI teams into DeepMind to scale capacity The restructuring will simplify development by concentrating compute-intensive model building in one place and establishing single access points for PAs looking to take these models and build generative AI applications, Google said. By Gyana Swain Apr 19, 2024 4 mins Google news Zoom offers AI-based updates to its Workplace collaboration space The company's Workplace collaboration space gets several user interface upgrades over its previous version. By Lucas Mearian Apr 18, 2024 3 mins Zoom Video Communications Generative AI Collaboration Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe