Russia Dismisses NSA Claims It Hacked Government Agencies As 'Unfounded Accusations'

Moscow has rejected findings by American and British intelligence agencies that Russian operatives were waging a cybercampaign targeting government institutions around the world.

The attacks in question are said to be tied to the 85th Main Special Service Center of the Russian military intelligence, or the GRU, which is sometimes called Fancy Bear, APT28 or Strontium, according to the BBC.

The advisory issued Thursday by the NSA, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation (FBI) and the U.K.'s National Cyber Security Centre, did not identify any specific victims or reveal which data was exfiltrated.

The GRU has however been linked to attempts to compromise the 2016 and 2020 U.S. elections.

The joint advisory accused Russian operatives of trying to access government cloud services used by agencies, energy companies and other organizations by spraying their sites with passwords in a relatively unsophisticated approach.

Man using illuminated keyboard
Russia has rejected a U.S. and U.K. advisory that its operatives were behind a global cybercampaign. The Russian embassy in Washington, D.C. dismissed the claims as "unfounded accusations." Sean Gallup/Getty

Believed to have started in the middle of 2019, and "likely" to be ongoing, the Russian cybercampaign mostly targeted organizations that used Microsoft Office 365 cloud services.

Rob Joyce, the NSA's director of cybersecurity, described it as a "lengthy brute force campaign" that was being conducted on a "global scale."

The Russian Embassy in Washington, D.C. hit back at the report in a statement posted late Thursday in Russian and English on its Facebook page, which was also reported by state news agencies.

"We strictly deny the involvement of Russian government agencies in attacks 'on government and private facilities in the United States and abroad,'" the Russian statement said.

It said that cybersecurity issues were discussed during the summit between Presidents Joe Biden and Vladimir Putin in June and that the best way to combat cyberthreats was through "active interaction" between both countries' state agencies.

It added that Putin proposed in September 2020 measures "to restore Russian-American cooperation" in information security.

"We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security, and in this context, on joint efforts to combat cybercrime," the embassy statement said.

"Besides, it's high time to put things in order on the American soil, from where constant attacks on critical infrastructure in Russia emerge."

An NSA spokesperson said the GRU-led campaign outlined on Thursday was separate to the SolarWinds attack that compromised U.S. government agencies and differed from ransomware attacks on the Colonial Pipeline and the meat supplier JBS, CBS News reported.

In April, the Biden administration imposed sanctions on Russia after linking it to election interference and the SolarWinds breach.

When contacted by Newsweek, the NSA said it had no further comment to add beyond Thursday's advisory.

Newsweek has contacted the Russian Embassy in DC for further comment.

Update 07/02/2021, 9:51 a.m. ET: This article has been updated to include a response to Newsweek from the NSA.