Russian hackers penetrated USAID to spy on human-rights groups: Microsoft

Say, isn’t this the same country with whom we’re holding a summit soon? Just checking, because one has to wonder whether their hackers will get the itinerary before the media does:

Hackers linked to Russia’s main intelligence agency surreptitiously seized an email system used by the State Department’s international aid agency to burrow into the computer networks of human rights groups and other organizations of the sort that have been critical of President Vladimir V. Putin, Microsoft Corporation disclosed on Thursday.

Discovery of the breach comes only three weeks before President Biden is scheduled to meet Mr. Putin in Geneva, and at a moment of increased tension between the two nations — in part because of a series of increasingly sophisticated cyberattacks emanating from Russia.

The newly disclosed attack was also particularly bold: By breaching the systems of a supplier used by the federal government, the hackers sent out genuine-looking emails to more than 3,000 accounts across more than 150 organizations that regularly receive communications from the United States Agency for International Development. Those emails went out as recently as this week, and Microsoft said it believes the attacks are ongoing.

The email was implanted with code that would give the hackers unlimited access to the computer systems of the recipients, from “stealing data to infecting other computers on a network,” Tom Burt, a Microsoft vice president, wrote on Thursday night.

We’re now about a decade into a continuing series of embarrassing cyberwarfare losses involving federal-government computer systems. These losses now encompass three administrations and presidents of both parties. For a while, China was the main threat, with North Korea not too far behind. Of late, however, Russia has been the primary malefactor, both in the governmental and commercial realms. Or at least the one that gets identified most often.

It’s no secret why Russia would want to penetrate USAID. Human-rights groups have criticized Vladimir Putin and his regime heavily and consistently, both in its internal operations and in places like Ukraine and in the Caucasus, and especially in his attacks on journalists and dissidents at home and abroad. Like most dictators, Putin’s power relies on his ability to shape reality to match his propaganda. Having his fingers in those systems allows Putin and his intel services opportunities to either shut down or discredit his critics.

The agency responsible for federal cybersecurity confirmed the hack to CBS:

A spokesperson for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) told CBS News, “We are aware of the potential compromise at USAID through an email marketing platform and are working with the FBI and USAID to better understand the extent of the compromise and assist potential victims.”

The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft , said in a post that relatively low detection rates of the phishing emails suggest the attacker was “likely having some success in breaching targets.”

With that in mind, what about the upcoming Biden-Putin summit? We routinely held such summits during the Cold War with the Soviets based on the potential for global catastrophe if we didn’t communicate. The same holds true now, but we didn’t have a similar level of active hostilities occurring at the same time. Democrats howled when Donald Trump held a summit with Putin after the Russian interference in the 2016 election, and these hacks make that issue even more acute than it was at Helsinki.

Still, a summit would make sense if Biden had a specific plan to gain an advantage or to push Putin into ending the cyberwarfare. Thus far, however, Biden doesn’t appear to have much of a plan or strategy. Just yesterday, Biden reversed his previous position on the Open Skies Treaty. Trump had suspended the agreement after Russian provocations, a move Biden publicly criticized at the time, but yesterday Biden essentially vindicated Trump:

U.S. officials said Deputy Secretary of State Wendy Sherman told the Russians that the administration had decided not to reenter the Open Skies Treaty, which had allowed surveillance flights over military facilities in both countries before President Donald Trump withdrew from the pact. As a presidential candidate, Biden had criticized Trump’s withdrawal as “short-sighted.” …

The officials said that the review had been completed and that Sherman had informed Russian Deputy Foreign Minister Sergei Ryabkov of the U.S. decision not to return to the 1992 Open Skies Treaty. The officials were not authorized to discuss the matter publicly and spoke on condition of anonymity. The State Department later announced the move.

“The United States regrets that the Treaty on Open Skies has been undermined by Russia’s violations,” the department said. “In concluding its review of the treaty, the United States therefore does not intend to seek to rejoin it, given Russia’s failure to take any actions to return to compliance. Further, Russia’s behavior, including its recent actions with respect to Ukraine, is not that of a partner committed to confidence-building.”

Recent moves on Ukraine? Russia has occupied parts of Ukraine since the time Biden was vice-president. Its hacking operations, including during the 2016 election, shows that Putin’s not a “partner committed to confidence-building.” None of this builds confidence in Biden either as a strategist with a game plan for the upcoming summit. It might be better to postpone this match until Putin either pulls back on the cyberwarfare or we put him in a position where he needs our cooperation more than we want his.