The FBI and Microsoft have seized over 100 web domains used by Russian intelligence for cyber-espionage, according to court documents. These domains were allegedly used by Russia’s FSB intelligence agency for spear phishing campaigns to gain unauthorized access to sensitive information from targets like the U.S. Department of Energy and Russian media outlets critical of the Kremlin. The Justice Department seized 41 domains and granted Microsoft control of 66 others believed to be part of the same operation.
The information sought by the FSB included sensitive data related to U.S. employees, defense, foreign affairs, and nuclear energy technology. The seizure is a rare public example of the U.S. disrupting foreign cyberespionage, since it typically does not reveal these operations. The FSB is comparable to the FBI. It has not been accused of interfering in U.S. elections; the GRU, Russia’s military intelligence agency, was responsible for hacking and releasing Hillary Clinton’s campaign emails in 2016.
Microsoft has not observed FSB hackers attempting to breach U.S. political campaigns, but those hackers have targeted political enemies in the past. The legal takedown aims to disrupt the FSB’s operations and make its job harder. The web domains were hosted by Verisign, a company based in Virginia, but there is no evidence that Verisign was aware of the FSB’s activities. Natalia Krapiva from Access Now, a nonprofit that has warned about the FSB’s campaign, sees the domain seizure as a victory for vulnerable communities targeted by cyber attacks.