Photo: Associated Press
Russian operatives have hacked the US Agency for International Development, hoping to monitor human rights groups and opponents of President Vladimir Putin.
Microsoft disclosed the hacking on Thursday, three weeks before President Joe Biden is scheduled to meet Putin in Geneva.
The hackers sent genuine-looking e-mails, from AID addresses, to more than 3,000 accounts across more than 150 organizations which regularly receive notices. They did so by circumventing AID and penetrating its software supplier Constant Contact.
Microsoft Vice President Tom Burt wrote, “At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work.”
The e-mails, posted up to last week, had titles such as “Donald Trump has published new emails on election fraud”. They were implanted with code giving hackers unlimited access to the computer systems of recipients. Data could be stolen and other computers on networks infected.
Microsoft identified the Russian group behind the attack as Nobelium, which also carried out last year’s SolarWinds hack of nine US Government agencies and more than 100 companies in the compromise of more than 16,000 computer systems.
Imposing sanctions and expelling Russian personnel last month, the Biden Administration declassified a US intelligence assessment that the Russian foreign intelligence service SVR was responsible.
The SVR hacked the Democratic National Committee in 2016. Before that, it carried out attacks on the Pentagon, the White House e-mail system, and the State Department’s unclassified communications.
Microsoft’s Burt also noted that “at the height of the Covid-19 pandemic, Russian actor Strontium targeted healthcare organizations involved in vaccines”, after trying to penetrate sporting and anti-doping organizations in 2019.