The US and Microsoft disrupt a Russian hacking group targeting American
officials and nonprofits
Send a link to a friend
 [October 04, 2024]
By DAVID KLEPPER
WASHINGTON (AP) — A hacking group tied to Russian intelligence tried to
worm its way into the systems of dozens of Western think tanks,
journalists and former military and intelligence officials, Microsoft
and U.S. authorities said Thursday.
The group, known as Star Blizzard to cyberespionage experts, targeted
its victims with emails that appeared to come from a trusted source — a
tactic known as spear phishing. In fact, the emails sought access to the
victims' internal systems, as a way to steal information and disrupt
their activities.
Star Blizzard's actions were persistent and sophisticated, according to
Microsoft, and the group often did detailed research on its targets
before launching an attack. Star Blizzard also went after civil society
groups, U.S. companies, American military contractors and the Department
of Energy, which oversees many nuclear programs, the company said.
On Thursday, a U.S. court unsealed documents authorizing Microsoft and
the Department of Justice to seize more than 100 website domain names
associated with Star Blizzard. That action came after a lawsuit was
filed against the network by Microsoft and the NGO-Information Sharing
and Analysis Center, a nonprofit tech organization that investigated
Star Blizzard.
Authorities haven't gone into details about Star Blizzard's
effectiveness but said they expect Russia to keep deploying hacking and
cyberattacks against the U.S. and its allies.
[to top of second column]
|
“The Russian government ran this scheme to steal Americans’
sensitive information, using seemingly legitimate email accounts to
trick victims into revealing account credentials," Deputy Attorney
General Lisa Monaco said in announcing the U.S. actions against Star
Blizzard. "With the continued support of our private sector
partners, we will be relentless in exposing Russian actors and
cybercriminals and depriving them of the tools of their illicit
trade.”
Star Blizzard has been linked to Russia's Federal Security Service,
or FSB. Last year, British authorities accused the group of mounting
a yearslong cyberespionage campaign against U.K. lawmakers.
Microsoft said it has been tracking the group's activities since
2017.
Microsoft said it observed Star Blizzard attempt dozens of hacking
efforts targeting 30 different groups since January 2023. The tech
giant's cybersecurity experts say Star Blizzard has proven to be
especially elusive.
“Star Blizzard’s ability to adapt and obfuscate its identity
presents a continuing challenge for cybersecurity professionals,”
the company wrote in a report on its findings.
U.S. authorities charged two Russian men last year in connection
with Star Blizzard's past actions. Both are believed to be in
Russia.
Along with American targets, Star Blizzard went after people and
groups throughout Europe and in other NATO countries. Many had
supported Ukraine following Russia's invasion.
A message left with the Russian Embassy in Washington was not
immediately returned Thursday.
All contents © copyright 2024 Associated Press. All rights reserved |
