Hackers are using online storage services like Google Drive and Dropbox to avoid detection, cybersecurity firm Palo Alto said. The hacking attempts included phishing emails containing an agenda for an upcoming meeting with an ambassador as bait and were sent to several Western and NATO diplomatic missions between May and June this year. A Dropbox spokesperson told Sky News: “We can confirm that we have worked with our industry partners and investigators on this matter and have immediately disabled user accounts.” Palo Alto estimated that the attackers belong to the same organization blamed for the 2020 SolarWinds breach, which gave Russian spies access to the networks of at least nine US government agencies. The success of this spying operation – which was only discovered when the hackers also decided to steal tools from US cybersecurity company Mandiant – prompted a major response from US authorities. This led to the US announcing new sanctions on Russia and its officials, although Russian government officials have repeatedly denied responsibility. At the time, Microsoft president Brad Smith called the supply chain attack “the largest and most sophisticated attack the world has ever seen,” though some commentators criticized that description. Unlike hacker groups linked to the GRU, Russia’s military intelligence agency, the SVR is seen as conducting more covert operations. The US Cybersecurity Infrastructure Agency said the SVR hackers “demonstrated patience, operational security and sophisticated commercial techniques” in previous attacks. When the GRU hackers were found to have breached the Democratic National Committee after the 2016 US election, researchers discovered that SVR was also present in those networks – and had in fact already been there for a year. The two organizations seemed to ignore each other’s efforts. Read more: Europe will be ‘much less safe’ if NATO doesn’t push back Putin’s forces, foreign secretary warns Image: Some of the phishing emails posing as from the Portuguese Embassy. Photo: Palo Alto The latest spying efforts come as the NATO alliance prepares to welcome two new members in response to Russia’s invasion of Ukraine. In June, the alliance confirmed that Sweden and Finland would be formally invited to join as it announced a “new strategic concept”. Setting out a blueprint for threats and challenges, NATO pledged to “defend every centimeter” of its territory as it outlined a “deterrence and defense posture” based on a mix of “nuclear, conventional and missile defense capabilities”.
