Russia appears to carry out hack through system used by US aid agency

Hackers linked to Russia’s main intelligence agency surreptitiously seized an email system used by the state department’s international aid agency to burrow into the computer networks of human rights groups and other organisations of the sort that have been critical of President Putin, Microsoft said on Thursday.
The newly disclosed attack was particularly bold: by breaching the systems of a supplier used by the government, the hackers sent out genuine-looking emails to over 3,000 accounts across 150 organisations that regularly get communications from the US Agency for International Development. Those emails went out as recently as this week, and Microsoft said it believes the attacks are ongoing.
The email was implanted with code that would give the hackers unlimited access to the computer systems of the recipients, from “stealing data to infecting other computers on a network,” Tom Burt, a Microsoft vice-president, wrote.
Last month, Biden announced a series of new sanctions on Russia and the expulsion of diplomats for a sophisticated hacking operation, called SolarWinds, that used novel methods to breach at least seven government agencies and hundreds of large US companies.
That attack went undetected by the US government for nine months, until it was discovered by a cybersecurity firm. In April, Biden said he could have responded far more strongly, but “chose to be proportionate” because he did not want “to kick off a cycle of escalation and conflict with Russia.” The Russian response nonetheless seems to have been escalation.
Microsoft identified the group behind the attack as Nobelium, and said it was the same group responsible for the SolarWinds hack. A spokesman for the cybersecurity agency at the department of homeland security said it was “aware of the potential compromise” and was working with the FBI and USAID to better understand the extent of it. The Kremlin said it had no information about the attack.
