• Hackers are believed to be linked to Russia’s foreign intelligence service.
• Spies are using online storage services such as Google Drive and Dropbox to hide their activities from detection.
• The espionage efforts coincide with NATO’s preparations to welcome two new members.

Cyber spies suspected of working for the Russian foreign intelligence service (SVR) are targeting NATO countries in a recent hacking campaign, according to a new industry report.

According to Palo Alto Networks, the hackers are using online storage services such as Google Drive and Dropbox to avoid detection.

In May and June of this year, phishing emails containing an agenda for an upcoming meeting with an ambassador were sent to several Western and NATO diplomatic missions as a lure.

“We can confirm that we worked with our industry partners and the researchers on this matter, and we disabled user accounts immediately,” a Dropbox spokesperson told Sky News.

Palo Alto believes the attackers are from the same group that was responsible for the SolarWinds breach in 2020, which gave Russian spies access to the networks of at least nine US government agencies.

The success of that spying operation, which was only discovered when the hackers decided to steal tools from the US cyber security firm Mandiant, elicited a significant response from US authorities.

It resulted in the United States imposing new sanctions on Russia and its officials, despite Russian government spokespeople repeatedly denying responsibility.

At the time, Microsoft President Brad Smith described the supply-chain attack as “the largest and most sophisticated attack the world has ever seen,” though this description was criticized by some commentators.

Unlike hacking groups linked to Russia’s military intelligence agency, the SVR is thought to conduct more covert operations.

In previous attacks, the SVR hackers “demonstrated patience, operational security, and complex tradecraft,” according to the US Cybersecurity Infrastructure Agency.

When GRU hackers were discovered to have breached the Democratic National Committee following the 2016 US elections, researchers discovered that the SVR was also present on those networks – and had been for a year.

Both organizations appeared to be unaware of each other’s existence.

The recent espionage efforts coincide with NATO’s preparations to welcome two new members in response to Russia’s invasion of Ukraine.

In June, the alliance announced a “new strategic concept” and confirmed that Sweden and Finland would be formally invited to join.

NATO promised to “defend every inch” of its territory as it outlined a “deterrence and defense posture” based on a combination of “nuclear, conventional, and missile defense capabilities.”

Advertisement

Also Read

Russian President Vladimir Putin heads to Iran for visit

Putin's second international trip since he started the invasion. Discussions will be...