The embassy of Canada in Moscow. Microsoft's analysis shows an FSB cyber espionage campaign that targeted unnamed foreign embassies in the city in February.MAXIM SHEMETOV/Reuters
One of the Russian government’s premier cyber espionage units is deploying malware against embassies and diplomatic organizations in Moscow by leveraging local internet service providers, Microsoft said on Thursday.
The analysis confirms for the first time that Russia’s Federal Security Service, also known as the FSB, is conducting cyber espionage at the ISP level, according to findings from Microsoft Threat Intelligence.
“Microsoft is now certain that this activity is happening within Russian borders,” Microsoft’s director of Threat Intelligence Strategy, Sherrod DeGrippo, told Reuters.
Microsoft’s findings come amid increasing pressure from Washington for Moscow to agree to a ceasefire in its war in Ukraine and pledges from NATO countries to increase defence spending surrounding their own concerns about Russia.
Trump to impose 25% tariff, additional import tax on India for buying Russian oil
The analysis tracks an FSB cyber espionage campaign that in February targeted unnamed foreign embassies in Moscow. The FSB activity facilitates the installation of custom backdoors on targeted computers, which can be used to install additional malware as well as steal data.
Reuters could not determine which embassies were targeted, but Canada does have an embassy based in Moscow. The U.S. State Department did not respond to a request for comment.
Russian diplomats did not immediately respond to a request for comment. Moscow routinely denies carrying out cyber espionage operations.
The hacking unit linked to the activity, which Microsoft tracks as “Secret Blizzard” and others categorize as “Turla,” has been hacking governments, journalists and others for nearly 20 years, the U.S. government said in May 2023 after the FBI disrupted one of its long-running operations.