Microsoft said a Russian state-backed cyber-espionage group tried to hack into US and European Union government institutions to conduct attacks to support Moscow’s invasion of Ukraine.
In a blog post on Thursday, Microsoft said it had disrupted the cyber attacks, which it attributed to Strontium, a hacking group linked to Russia’s military intelligence.
The group had targeted US and EU government agencies, foreign policy think tanks and Ukrainian media.
“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” Tom Burt, Microsoft’s corporate vice-president of customer, security and trust, wrote.
Microsoft did not say if any of the hacking attempts were successful. But the US company said it had obtained a court order that allowed it to seize control of seven internet domains used by Strontium.
“The Strontium attacks are just a small part of the activity we have seen in Ukraine,” Burt wrote.
The attacks come as the US widens sanctions on Russia, imposing them on United Shipbuilding Corporation (USC), as well as 28 USC subsidiaries and eight members of the USC board of directors.
“USC is one of Russia’s largest state-owned enterprises, and it developed and constructed the warships that have bombarded Ukraine’s cities,” US Secretary of State Antony Blinken said in a statement on Thursday.
Sanctions were also imposed on Alrosa, a diamond-mining company controlled by the Russian government. “The proceeds of which help to finance the Russian government’s war and atrocities against Ukraine,” Blinken added.
- George Russell