The FBI and Microsoft have taken action against a cyberespionage campaign allegedly conducted by Russian intelligence agency FSB. They have seized over 100 web domains believed to have been used by the FSB for spying on various targets, including the U.S. Department of Energy and Russian nonprofits critical of the government. The operation was said to involve spear phishing, with the goal of gaining unauthorized access to sensitive information in victims’ computers and email accounts.
The Justice Department seized 41 of the web domains, while Microsoft was granted control of an additional 66 domains that were part of the alleged espionage operation. The FBI stated that the stolen information included sensitive data related to U.S. government policies, defense, foreign affairs, and nuclear energy technology, which could be valuable for Russian influence operations. Russia’s Ministry for Foreign Affairs did not respond to requests for comment on the allegations. The seizure of the domains is seen as a rare public demonstration of U.S. disruption of a foreign cyberespionage operation.
Intelligence agencies often engage in cyber activities to gather information, but the public takedown of the FSB’s alleged activities is unusual. The FSB, considered a successor to the KGB, is seen as similar to the FBI. While the U.S. has accused Russia’s military intelligence agency, the GRU, of interference in the 2016 U.S. election, there have been no accusations against the FSB for election interference. Microsoft noted that the FSB hackers had not specifically targeted U.S. political campaigns or infrastructure in their operations.
Many of the seized web domains were hosted by Verisign, a Virginia-based company, according to court documents. There is no evidence suggesting Verisign knowingly facilitated the FSB’s hacking operations. The company did not respond to requests for comment. The takedown of these domains is significant for nonprofits that are frequently targeted by intelligence agencies, according to Natalia Krapiva of Access Now. She praised the collaboration between private companies, governments, and civil society in protecting vulnerable communities from cyber attacks.
Overall, the joint effort by the FBI and Microsoft to dismantle the FSB’s alleged cyberespionage campaign is a proactive step in disrupting foreign interference in U.S. democratic processes. The seizure of web domains used for spear phishing and information theft shows a concerted effort to thwart activities that undermine national security. As political tensions continue to rise, such actions serve as a warning to foreign entities attempting to compromise sensitive data and interfere in U.S. affairs. By working together, various stakeholders are demonstrating resilience against cyber threats and protecting critical information from malicious actors.