The White House says it believes US government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month’s planned presidential summit.
Officials downplayed the cyber assault as ‘basic phishing’ in which hackers used malware-laden emails to target the computer systems of US and foreign government agencies, think tanks and humanitarian groups. Microsoft, which disclosed the effort on Friday, said it believed most of the e-mails were blocked by automated systems that marked them as spam.
As of Friday, the company said it was “not seeing evidence of any significant number of compromised organisations at this time?”
Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter.
“I don’t think it’ll create a new point of tension because the point of tension is already so big,” said James Lewis, a senior vice president at the Center for Strategic and International Studies.
“This clearly has to be on the summit agenda. The president has to lay down some markers ‘to make clear’ that the days when you people could do whatever you want are over.”
The summit comes amid simmering tensions driven in part by election interference by Moscow and by a massive breach of US government agencies and private corporations by Russian elite cyber spies, who infected the software supply chain with malicious code. The US responded with sanctions last month, prompting the Kremlin to warn of retribution.
Asked on Friday whether the latest hacking effort would affect the Biden-Putin summit, principal deputy press secretary Karine Jean-Pierre said, “We’re going to move forward with that.”
The US, which has previously called out Russia or criminal groups based there for hacking operations, did not blame anyone for the latest incident.
In this case, hackers gained access to an email marketing account of the US Agency for International Development, and masquerading as the government body, targeted about 3,000 email accounts at more than 150 different organizations. At least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post late on Thursday.
The company did not say what portion of the attempts may have led to successful intrusions but said in a separate technical blog post that most were blocked by automated systems that marked them as spam. The White House said even if an email eluded those systems, a user would still have to click on the link to activate the malicious payload.
(With inputs from agencies)