Russia cyber attack set before Biden meet
A newly disclosed cyber attack by Russian intelligence appears to be scheduled to beat the Biden summit. Microsoft and other firms brought the hack to light late on May 27.
The hijack of the email system of a United States government agency prompted leading Democrats on Friday to urge stronger action against Moscow for accelerating cyberattacks.
They exposed how Russia’s S.V.R., the same intelligence agency that Washington blamed for a range of cyberattacks on American networks over the past decade, infiltrated the communications company that distributes emails on behalf of the United States Agency for International Development.
Using that access, they sent authentic-looking messages to human rights groups, nonprofit organizations and think tanks, including some that have been critical of Putin. The emails contained links to malware that gave the Russians access to the recipients’ computer services.
The White House on May 28 played down the severity of the attack, saying it was typical of daily cyber conflict. Officials said the fact that the attack had been caught quickly and neutralized — chiefly by Microsoft, which acted when it saw fake emails being sent — was evidence that enhanced defenses being deployed to defend government networks were beginning to show results.
But the timing was striking and added to the sense that the scope of cyberattacks emanating from Russia — ranging from the most sophisticated to the most embarrassing, as seen in the ease with which hackers got into the email system used by the aid agency — is expanding rapidly despite warnings and retaliation from Washington.
A month ago, Biden imposed economic sanctions on Russia and expelled diplomats in response to one of the most sophisticated attacks ever seen in the “supply chain” of software that government and private sector networks rely on — one that gave Russian intelligence wide access to 18,000 networks.
While the Russians used the access only to enter about 150 government agencies and companies, the attack demonstrated that it was possible to corrupt regularly scheduled software updates of the kind that government agencies and companies rely on to keep their systems current.
Then, this month, came an attack on Colonial Pipeline, carried out by a criminal group that Biden said was based in Russia.
The pipeline was shut down for days, prompting panic buying, long lines at the pump and shuttered gas stations across the Southeast. Colonial paid a $4.4 million ransom, and the attack underscored the vulnerability of the United States’ critical infrastructure.