Microsoft says the Cyber Epion Campaign “poses high risk” to foreign embassies, diplomats and other groups in Moscow.
Microsoft has denounced one of the Russian government’s best cyber espion units deploying malware against embassies and diplomatic organisations in Moscow by leveraging local internet service providers.
In a blog post Thursday, Microsoft Threat Intelligence said a campaign by Russia’s Federal Security Agency, also known as the FSB, has been “ongoing since at least 2024.”
The effort “poses high risk to foreign embassies, diplomatic groups, and other sensitive organizations operating in Moscow, especially entities that rely on local internet providers,” Microsoft said.
According to Microsoft’s findings, the analysis is for the first time that the FSB is conducting cyberepions at the ISP level.
“This means that diplomatic personnel using local ISPs or telecommunication services in Russia are very likely to be targeted for (campaigns) within these services,” the blog post reads.
Microsoft has tracked down a suspected campaign of FSB Cyber Espion that targeted an unknown foreign embassy in Moscow in February.
FSB activity makes it easy to install custom backdoors on targeted computers. This can be used to install additional malware and stolen data as well as additional malware, Microsoft said.
The findings pledge to increase defensive spending surrounding their own concerns about Russia amid increasing pressure from Washington to agree to a ceasefire in the war in Ukraine and agreeing to pledges from NATO countries.
Microsoft did not say which embassies were targeted by the FSB campaign.
The US State Department and Russian diplomats did not respond to requests for comment from Reuters News Agency.
Russia has refused to implement Operation Cyber Epion. There were no immediate comments from Moscow on Microsoft’s report on Thursday.
Hacking units linked to activities Microsoft tracks as “secret blizzard” and “Turla” have hacked governments, journalists and others for nearly 20 years, the US government said in May 2023.
