By AJ Vicens (Reuters) -One of the Russian government’s premier cyber espionage units is deploying malware against embassies and diplomatic organizations in Moscow by leveraging local internet service
FSB Engages in Cyber Espionage Against Foreign Embassies in Moscow
By AJ Vicens
(Reuters) -One of the Russian government’s premier cyber espionage units is deploying malware against embassies and diplomatic organizations in Moscow by leveraging local internet service providers, Microsoft said on Thursday.
The analysis confirms for the first time that Russia’s Federal Security Service, also known as the FSB, is conducting cyber espionage at the ISP level, according to findings from Microsoft Threat Intelligence.
“Microsoft is now certain that this activity is happening within Russian borders,” Microsoft's director of Threat Intelligence Strategy, Sherrod DeGrippo, told Reuters.
Microsoft’s findings come amid increasing pressure from Washington for Moscow to agree to a ceasefire in its war in Ukraine and pledges from NATO countries to increase defense spending surrounding their own concerns about Russia.
The analysis tracks an FSB cyber espionage campaign that in February targeted unnamed foreign embassies in Moscow. The FSB activity facilitates the installation of custom backdoors on targeted computers, which can be used to install additional malware as well as steal data.
Reuters could not determine which embassies were targeted. The U.S. State Department did not respond to a request for comment.
Russian diplomats did not immediately respond to a request for comment. Moscow routinely denies carrying out cyber espionage operations.
The hacking unit linked to the activity, which Microsoft tracks as “Secret Blizzard” and others categorize as “Turla,” has been hacking governments, journalists and others for nearly 20 years, the U.S. government said in May 2023 after the FBI disrupted one of its long-running operations.
(Reporting by AJ Vicens in Detroit; Editing by Matthew Lewis)
