The White House says it believes US government agencies have largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month’s planned presidential summit.
Officials downplayed the cyber assault as “basic phishing” in which hackers used malware-laden emails to target the computer systems of US and foreign government agencies, think tanks and humanitarian groups.
Microsoft, which disclosed the effort late on Thursday, said it believed most of the emails were blocked by automated systems that marked them as spam.
As of Friday afternoon, the company said it was “not seeing evidence of any significant number of compromised organisations at this time”.
Even so, the revelation of a new spy campaign so close to the June 16 summit between President Joe Biden and Russian counterpart Vladimir Putin adds to the urgency of White House efforts to confront the Kremlin over aggressive cyber activity that criminal indictments and diplomatic sanctions have done little to deter.
The summit comes amid simmering tensions driven in part by election interference by Moscow and by a massive breach of US government agencies and private corporations by Russian elite cyber spies who infected the software supply chain with malicious code.
The US responded with sanctions last month, prompting the Kremlin to warn of retribution.
The US, which has previously called out Russia or criminal groups based there for hacking operations, did not blame anyone for the latest incident.
Microsoft attributed it to the group behind the SolarWinds campaign, in which at least nine federal agencies and dozens of private sector companies were breached through a contaminated software update.