Microsoft’s records of Mariupol attacks will be used at future ‘Nuremberg trials’

Microsoft president says platform that captures Russian bombings will be provided to the UN and International Criminal Court

Ukrainian emergency employees and volunteers carry an injured pregnant woman from the damaged by shelling maternity hospital in Mariupol, Ukraine
Destruction by Russian air strikes, such as Mariupol’s maternity hospital in early March, can be captured by commercial satellites Credit: Evgeniy Maloletka/AP

Records of Ukrainian hospital bombings automatically recorded by Microsoft will be used at future 'Nuremberg trials' of Russian war criminals, the company's president has said.

The time and date of attacks are being logged by artificial intelligence tools using live satellite images of occupied Ukraine and the evidence will be made available to prosecutors.

Massacres at locations such as Mariupol’s maternity hospital, destroyed by Russian air strikes in early March, can be captured by commercial satellites and analysed to determine who was responsible.

In a speech in London, Microsoft president Brad Smith said: "It's important to ensure that we create the foundation to do what was done after World War Two, at a place like Nuremberg.

“That's why we're providing the technology platform free of charge for the prosecutor for the UN and the International Criminal Court.”

A captured Russian soldier has already pleaded guilty to murder and war crimes in a Ukrainian court after murdering a 62-year-old civilian cyclist in eastern Ukraine at the outset of the invasion.

Microsoft has given Ukraine $100m of help moving its government IT onto servers outside the country so its public sector can continue to operate.

Mr Smith said cloud computing servers are the modern equivalent of Winston Churchill’s bunker during the Blitz.

Referring to the Cabinet War Rooms, he said German bombing during the Second World War “changed where communications needed to live”.

Mr Smith also compared Microsoft's computer antivirus to the RAF's early warning radar network during the Battle of Britain.

Windows Defender software gives Microsoft early warning of Russian cyberattacks as they begin so the company can alert the Ukrainian government, he explained.

Mr Smith also revealed that Russia has been coordinating its cyberattacks on Ukrainian organisations with ground offensives, appearing to refer to the Russian assault on Hostomel Airport, home to the world’s largest aeroplane, the Antonov An-226 Mriya.

He said: “We would see how they would go from trying to disrupt the network for a city around an airport to then trying to attack and take possession of the airport."

Just 20km from Kiev, Hostomel Airport was the focus of a Russian offensive in February aimed at securing a vital transport node near Ukrainian president Volodymyr Zelensky’s capital.

At the same time as attack helicopters swarmed over the airport Russian hackers deployed so-called ‘wiper’ malicious software which deleted files on any computers it infected. Denial-of-service attacks, which force crucial websites offline, were also observed by Western cyber security companies at the time.

Analysts had expected Russia to use its cyber warfare units to paralyse Ukraine’s infrastructure, something that did not appear to have happened on a wide scale.

Microsoft’s confirmation that Russian cyber warfare in Ukraine has been concentrated on small-scale tactical objectives is likely to reshape Western perceptions of Russia’s hackers.

Comparisons had been drawn between Russia’s conventional military failures and the lack of high-impact cyber attacks.

A Russian attempt to hack a power station in eastern Ukraine with a malicious software ‘bomb’ was caught in its early stages and halted in April.

License this content