Microsoft cracks down further on Russian hackers looking to disrupt elections
Microsoft authorized to seize 66 domains
Microsoft’s Digital Crimes Unit (DCU) has announced a successful operation which disrupted notorious Russian-state actor 'Star Blizzard'.
Since the start of 2023, Microsoft had observed Star Blizzard attack over 30 organizations including NGOs, journalists, and think tanks. The attacks primarily consisted of a spear phishing campaigns to exfiltrate sensitive data from victims and obstruct activities aimed at preserving democratic processes.
At a rate of approximately one attack per week, the group has been found to use more and more sophisticated tactics and has been persistent in identifying and creating personalized phishing emails for high-value targets.
Valuable intelligence
In the now-unsealed civil action, Microsoft’s DCU seized 66 unique domains used to attack its users across the globe.
Star Blizzard has reportedly been active since 2017, and have been targeting military officials in the UK and US, especially those providing support to Ukraine and its allies.
With the 2024 US Presidential election so close, Microsoft is confident this disruption has come at a critical point for Russian operations looking to undermine and interfere in Western democracies. The action is said to have provided valuable intelligence about the group and the scope of its activities.
Together with the Department of Justice, Microsoft has seized over 100 websites from the actor - delivering a serious blow to its infrastructure and operations. Cyber security tends to be a bit of a cat-and-mouse game, so this almost certainly won’t be the end of Star Blizzard, but it's a start.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Malicious cyber attacks and foreign election interference are nothing new, and the ‘shadow war’ has ramped up since the start of the Russian invasion of Ukraine. Attacks on critical infrastructure, ransomware, and misinformation campaigns have become commonplace - and over a dozen Russian cyber criminals have been sanctioned by the UK.
More from TechRadar Pro
- Check out our pick of the best malware removal software
- Intel and Microsoft are operating in Russia once again
- Take a look at our pick of the best antivirus software around right now
Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.