The Justice Department and Microsoft have seized over 100 web domains that a Russian intelligence agency allegedly used to hack US officials, civil-society groups, and Russians living in the US. The hacking campaign aimed to gather intelligence on US and allied efforts in Ukraine and to undermine pro-democracy and human rights organizations in the US, UK, and Eastern Europe. The hackers targeted media outlets, think tanks, and NGOs from January 2023 to August 2024, stealing sensitive data and trying to degrade their activities.
The hackers collected sensitive information related to US government employees, defense, and security policies, which is valuable for Russian influence operations in the US. This activity was part of a broader effort by the FSB, Russia’s intelligence agency, to surveil dissidents at home and abroad and interfere in foreign political processes. The hackers have previously targeted US defense and security policies and nuclear energy technology, as well as UK political processes.
Since Russia’s invasion of Ukraine in 2022, the FSB and other Russian intelligence agencies have used cyber campaigns to undermine Western support for Ukraine. Actions by platforms to impose costs on Russian hacking operations are crucial to protecting journalists, dissidents, and civil-society groups. The NGO Information Sharing and Analysis Center filed a lawsuit with Microsoft to allow the tech firm to seize the internet domains used by the hackers.
The Kremlin denies US allegations of hacking, despite detailed evidence provided by US officials. The tech-legal counsel at Access Now praised the victims who shared their stories and data, enabling the action against the hackers. The ongoing efforts by the Justice Department and tech companies to expose and disrupt Russian covert operations targeting US democracy are part of the broader response to foreign interference in the run-up to the 2024 presidential election.
The hacking activities of the FSB-linked group pose a threat to US critical infrastructure and national security. The hackers aim to compromise accounts of journalists and dissidents to gain access to sensitive information and disrupt democracy. The latest seizure of web domains is part of a broader effort to counter Russian disinformation and interference in democracies. Ongoing cooperation between government agencies, tech companies, and civil-society organizations is essential to protect against foreign influence operations.