WASHINGTON CNN —
The Justice Department and Microsoft announced Thursday that they have seized more than 100 web domains allegedly used by Russian intelligence to hack current and former U.S. officials, civil society groups, and Russians living in the United States.
U.S. officials and civilian experts say the massive hacking operation was aimed at gathering information about U.S. and its allies’ efforts to support Ukraine and infiltrating democracy and human rights organizations in the U.S., U.K. and Eastern Europe. It is said that the purpose is to weaken the government.
This is the latest in a series of moves by the Justice Department to expose alleged Russian covert operations targeting American democracy in the run-up to the 2024 presidential election. In this case, the hackers were not directly targeting political campaigns or election infrastructure. Rather, they aimed to undermine civil society groups that support functioning democracies, according to Microsoft.
According to Steven Masada, Microsoft’s assistant general counsel, hackers targeted 30 organizations, including news organizations, think tanks, and non-governmental organizations, between January 2023 and August 2024, stealing sensitive internal data and attempted to undermine the movement.
The data collected by the hackers also included “classified information” related to the identities of U.S. government officials and U.S. defense and security policy, according to an affidavit filed by an FBI agent in the case. . The affidavit states that all of this information is “particularly valuable to the Russian government’s efforts to engage in malign foreign influence operations within the United States.”
It was not immediately clear how recently the hackers had stolen classified U.S. government information in the activities cited in the affidavit. CNN has reached out to the Department of Justice for comment.
A U.S. indictment against suspected members of the same hacking group released last year said the hackers stole “valuable information” related to U.S. defense and security policy and information about nuclear energy technology in 2016 and 2022. He said he stole it.
Last year, the UK government accused the same Russian hacker group of hacking politicians, civil servants and journalists over several years in a “failed attempt to interfere in the UK political process”.
U.S. officials say the hackers are working on behalf of Russia’s intelligence agency, the FSB, the main successor to the Soviet-era KGB. The FSB has a broad mandate to use its extensive hacking capabilities to monitor dissidents at home and abroad. Another group of hackers linked to the FSB is targeting energy facilities, posing a direct threat to critical U.S. infrastructure, U.S. officials said.
Since Russia’s full-scale invasion of Ukraine in 2022, the FSB and other Russian intelligence services have relentlessly used cyber campaigns to understand and thwart Western efforts to support Ukraine with military aid.
John Scott Railton, a researcher at the University of Toronto’s Citizen Lab who investigated the activity, said, “A breach of a single account by a journalist or dissident can ripple through an entire network of people, threatening people’s safety and freedom.” It may have an impact on the.” . “This is why it is so important that platforms take steps to impose costs on Russian hacking activities.”
The NGO Information Sharing and Analysis Center, a nonprofit organization that protects civil society organizations from hacking, has filed a lawsuit in federal court that allows tech companies to seize internet domains.
CNN has reached out to the Russian embassy in Washington, D.C., for comment. The Kremlin routinely denies U.S. hacking allegations, no matter how detailed and evidence-based they are.
Natalia Krapiva, senior technical legal counsel at the nonprofit group Access Now, which helped support the case, praised “the courageous victims who came forward and shared the stories and data that made this action possible.”
This story has been updated with additional developments.
