The United States Department of Justice and Microsoft announced on Thursday (October 3) that a hacker group linked to Russian intelligence agencies attempted to infiltrate the systems of dozens of Western think tanks, journalists, and former military and intelligence officials. The Department of Justice and Microsoft are working together to dismantle this hacker group.
According to the Associated Press, the hacker group, known by cybersecurity experts as “Star Blizzard,” targets victims through seemingly credible emails in a tactic called spear phishing. These emails try to access the victims’ internal systems to steal information and disrupt their activities.
Microsoft stated that the actions of “Star Blizzard” are persistent, complex, and the group conducts detailed research on targets before launching attacks. It has targeted civilian organizations, U.S. companies, American military contractors, and the Department of Energy, which oversees many nuclear programs.
On Thursday, a U.S. court publicly authorized Microsoft and the Department of Justice to seize documents related to over a hundred website domains associated with “Star Blizzard.”
While the Department of Justice has not provided detailed information on the effectiveness of “Star Blizzard,” they anticipate that Russia will continue to conduct hacking and cyber attacks against the United States and its allies.
Deputy Attorney General Lisa Monaco, when announcing the action against “Star Blizzard,” said, “The Russian government is using seemingly legitimate email accounts to deceive victims into disclosing account credentials, thereby stealing sensitive information from Americans.”
“Star Blizzard” has been linked to the Russian Federal Security Service (FSB). Last year, British authorities accused the organization of carrying out cyber attacks against British lawmakers for several years. Microsoft stated that they have been tracking the group’s activities since 2017.
Since January 2023, Microsoft has observed “Star Blizzard” attempting dozens of hacker attacks against 30 different groups. Their cybersecurity experts have found “Star Blizzard” to be particularly elusive.
In their investigation report, Microsoft wrote, “The adaptability and ability to obfuscate identities of ‘Star Blizzard’ present an ongoing challenge for cybersecurity experts.”
U.S. authorities charged two Russian men last year in connection with “Star Blizzard.” These individuals are believed to be in Russia.
In addition to targeting U.S. interests, “Star Blizzard” has also targeted individuals and groups in Europe and other NATO countries who have expressed support for Ukraine following Russia’s invasion of Ukraine.