Russia’s Spring Offensive in Ukraine Could Include Cyberattacks, Microsoft Says
Evidence amassed in recent months shows that Russia often tried to coordinate cyberattacks with physical attacks on the Ukrainian power grid and other targets. But the Ukrainians were often a step ahead of Moscow, and had backup systems in place or rigged new ones, including moving much of the country’s digital operations to the cloud.
Microsoft’s report carries significant weight because the company’s warnings of pending cyberattacks in the run-up to the war were largely accurate. But it also suggests that Russia’s digital warriors, many of whom are linked to the country’s intelligence services, are trying anew in the second year of the war.
In recent months, senior U.S. officials have begun discussing their efforts in late 2021 to help bolster Ukrainian cyberdefenses and a rush to move the operation of government agencies to the cloud in the weeks after the invasion began. That minimized the damage Russia was able to inflict — and allowed President Volodymyr Zelensky of Ukraine to broadcast messages on the internet each day to rally citizens in the fight.
Microsoft said it believed that a group with ties to Russia that it had tracked was conducting actions that could “be in preparation for a renewed offensive,” including reconnaissance, access operations and data-erasing “wiper” malware, much as hackers did in the opening days of last year’s invasion.
“There is an uptick of trying to gain entry to government targets, trying to gain entry to the critical infrastructure targets to then try and use destructive or modified ransomware attacks,” Mr. Watts said.