Russia Has Launched a Broad Espionage Campaign Targeting Cloud Services

Emisoft secretly offered decrypters to BlackMatter victims, NYT journalist infected twice with Pegasus spyware, Groove gang calls for attacks on U.S. interests, Tesco hampered by cyberattack, more

Months after the Biden administration leveled sanctions against Russia for the massive SolarWinds spyware infection, Microsoft says that Russia’s premier intelligence agency SVR has launched a new, extensive, and ongoing campaign to acquire data stored in the cloud.

American officials, who consider the campaign to be routine espionage, confirmed that the operation was underway. A senior administration official called the latest attacks “unsophisticated, run-of-the-mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices.” Microsoft said the attack focuses on its “resellers,” firms that customize the use of the cloud for companies or academic institutions. The incursion primarily involved deploying a vast database of stolen passwords in automated attacks intended to get Russian government hackers into Microsoft’s cloud services. (David Sanger / New York Times)

Related: Microsoft, Bleeping Computer, Bloomberg, The Hacke…