For President Vladimir V. Putin of Russia, Ukraine has often been a testing range for cyberweapons.
An attack on Ukraine’s Central Election Commission during a presidential election in 2014, in which Russia sought unsuccessfully to change the result, proved to be a model for the Russian intelligence agencies; the United States later found that they had infiltrated the servers of the Democratic National Committee in the United States. In 2015, the first of two major attacks on Ukraine’s electric grid shut off the lights for hours in different parts of the country, including in Kyiv, the capital.
And in 2017, businesses and government agencies in Ukraine were hit with destructive software called NotPetya, which exploited holes in a type of tax preparation software that was widely used in the country. The attack shut down swaths of the economy and hit FedEx and the shipping company Maersk as well; American intelligence officials later traced it to Russian actors. That software, at least in its overall design, bears some resemblance to what Microsoft warned of on Saturday.
The new attack would wipe hard drives clean and destroy files. Some defense experts have said such an attack could be a prelude to a ground invasion by Russia. Others think it could substitute for an invasion, if the attackers believed a cyberstrike would not prompt the kind of major sanctions that President Biden has vowed to impose in response.