This article was originally published by Radio Free Europe/Radio Liberty and is reprinted with permission.
The White House has suggested that government agencies largely rebuffed the latest cyberassault on U.S. targets by suspected Russian intelligence operatives and downplayed adversarial tensions ahead of a summit next month between the U.S. and Russian presidents.
On May 27, Microsoft said hacking group Nobelium, originating from Russia, had launched an assault on government agencies and think tanks using an e-mail marketing account of the U.S. Agency for International Development (USAID).
AP quoted unnamed administration officials on May 28 as describing the attacks on USAID, think tanks, and other organizations as “basic phishing,” in which e-mails are used to try to embed malware in computer systems.
Asked whether the hacking discovery would affect the Biden-Putin summit, White House principal deputy press secretary Karine Jean-Pierre said, “We’re going to move forward with that.”
U.S. President Joe Biden is slated to hold his first summit with Russia’s Vladimir Putin since taking office in January in Geneva, Switzerland, on June 16.
Kremlin spokesman Dmitry Peskov told reporters this week that Moscow did not have any detailed information from Microsoft on the attack and that it so far was not a topic on the summit agenda.
The “wave of attacks” targeted about 3,000 e-mail accounts at more than 150 different organizations, Microsoft Vice President Tom Burt said in a blog post.
Burt said Russian-based Nobelium was the same actor that was behind a major attack last year on SolarWinds customers, including U.S. government bodies.
The SolarWinds attack compromised at least nine government agencies and hundreds of private companies, and was functioning from 2019 before being detected late last year.
This latest effort appeared to have been less stealthy, experts have said.
At least one-quarter of the organizations targeted in the latest cyberattack are involved in international development, humanitarian, and human rights work, and the targeted victims are in at least 24 countries, Burt said without saying whether any of the attempts led to successful intrusions.
Most appeared to have been blocked by spam guards, Microsoft said on May 28, adding that it was “not seeing evidence of any significant number of compromised organizations at this time.”
A USAID spokesperson said that agency was still investigating the possible intrusion.
The Biden administration’s proposed $6 trillion budget includes $750 million to boost cyberdefenses at nine government agencies hit by the SolarWinds hack that was blamed by U.S. and British officials on Russia’s Foreign Intelligence Service (SVR).
The SolarWinds hack gave the perpetrators access to thousands of companies and government offices that used that company’s software.
This month, Russia’s spy chief denied responsibility for the SolarWinds cyberattack but said he was “flattered” by the accusations that Russian foreign intelligence was behind such a sophisticated hack.