(CNN) Hackers linked to the Russian military have targeted – and in some cases successfully penetrated – the networks of European military, energy and transportation organizations in an espionage campaign that appears to have gone undetected for months as The war in Ukraine Microsoft told its customers in a report obtained by CNN.
The report shows how, despite the increasingly defensive posture of Western governments and technology companies during the war, Russian hacking can slip under the radar and surface, if it does, months after the fact.
As Russia’s military advance in Ukraine falters, Kremlin hacking teams scour the networks of Western logistics and transportation companies that support Ukraine’s defenses for intelligence that might translate into a battlefield or geopolitical advantage, according to cybersecurity experts and U.S. officials.
A tip from Ukrainian officials led Microsoft to investigate cyber activity and discover that Russian hackers were exploiting the A previously unknown flaw in Microsoft’s email software occurred between April and December 2022, according to Microsoft.
Microsoft publicly disclosed the vulnerability on Tuesday, urging customers to update their software. Microsoft privately told customers that “fewer than 15” organizations had been targeted or hacked by Russian agents.
BleepingComputer, a tech news outlet, first mentioned An advisory for customers from Microsoft.
Hackers used a surreptitious tactic to steal login details from victim organizations, then searched for further intrusions into the organizations’ email folders, Microsoft told customers. The technology company did not name the targeted organizations.
Microsoft blamed a piracy group owned by US officials linked in general to the GRU, the Russian military intelligence agency. US officials have alleged that hackers from the same agency breached the Democratic National Committee’s servers as part of a sweeping effort to undermine Hillary Clinton’s candidacy in the 2016 US presidential election.
Russia denied this specific allegation and another from the United States that it was carrying out cyberattacks. CNN has reached out Microsoft and Russian Embassy in Washington about Microsoft tips.
“Microsoft released a security update … in March to keep our customers safe and secure,” a Microsoft spokesperson said in an emailed statement. “Customers who apply the update, or have automatic updates enabled, are already protected.”
U.S. officials prepared for potential collateral damage to U.S. organizations from alleged Russian hacking operations in Ukraine and elsewhere during the war, but these cascading effects went largely unfulfilled.
Microsoft Blame A different hacking team linked to the GRU carried out ransomware attacks on Ukrainian and Polish transport and logistics organizations in October, but there were no reports of it spreading to other organizations.
