WASHINGTON: US and British agencies disclosed on Thursday details of “brute force” methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.
An advisory released by the US National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.
In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was “likely ongoing, on a global scale.”
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.
Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019 through early this year. While a “significant amount” of the attempted break-ins targeted organizations using Microsoft’s Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.
The US has long accused Russia of using and tolerating cyberattacks for espionage, spreading disinformation, and the disruption of governments and key infrastructure.
The Russian Embassy in Washington on Thursday “strictly” denied the involvement of Russian government agencies in cyberattacks on US government agencies or private companies.
In a statement posted on Facebook, the embassy said, “We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security.”
Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the activity described by NSA on Thursday shows the GRU has further streamlined an already popular technique for breaking into networks. He said it appears to overlap with Department of Energy reporting on brute force intrusion attempts in late 2019 and early 2020 targeting the US energy and government sectors and is something the US government has apparently been aware of for some time.
Slowik said the use of Kubernetes “is certainly a bit unique, although on its own it doesn’t appear worrying.” He said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.
John Hultquist, vice president of analysis at the cybersecurity firm Mandiant, characterized the activity described in the advisory as “routine collection against policy makers, diplomats, the military, and the defense industry.”
“This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt,” Hultquist said in a statement.
The FBI and the Cybersecurity and Infrastructure Security Agency joined the advisory, as did the British National Cyber Security Center.
The GRU has been repeatedly linked by US officials in recent years to a series of hacking incidents. In 2018, special counsel Robert Mueller’s office charged 12 military intelligence officers with hacking Democratic emails that were then released by WikiLeaks in an effort to harm Hillary Clinton’s presidential campaign and boost Donald Trump’s bid.
More recently, the Justice Department announced charges last fall against GRU officers in cyberattacks that targeted a French presidential election, the Winter Olympics in South Korea and American businesses.
Unlike Russia’s foreign intelligence agency SVR, which is blamed for the SolarWinds hacking campaign and is careful not to be detected in its cyber ops, the GRU has carried out the most damaging cyberattacks on record, including two on Ukraine’s power grid and the 2017 NotPetya virus that caused more than $10 billion in damage globally.
GRU operatives have also been involved in the spread of disinformation related to the coronavirus pandemic, US officials have alleged. And an American intelligence assessment in March says the GRU tried to monitor people in US politics in 2019 and 2020 and staged a phishing campaign against subsidiaries of the Ukrainian energy company Burisma, likely to gather information damaging to President Joe Biden, whose son had earlier served on the board.
The Biden administration in April sanctioned Russia after linking it to election interference and the SolarWinds breach.
![]()
US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
Short Url
https://arab.news/v385k
US, UK cybersecurity agencies disclose hacking methods used by Russian spy group
- Operatives linked to Russia's spy agency GRU have tried to break into networks using Kubernetes, says NSO
Norway launches probe of Middle East diplomat and husband over Epstein links
- Mona Juul resigned from her position as ambassador to Jordan and Iraq
- Juul and her husband Terje Rod-Larsen played key roles in the Israeli-Palestinian negotiations which led to the Oslo Accords
OSLO: Norwegian police said Monday they have launched an “aggravated corruption” investigation against a high-profile diplomat, Mona Juul, and her husband Terje Rod-Larsen, over the couple’s links to late US sex offender Jeffrey Epstein.
The police economic crime unit Okokrim said in statement that the probe began last week and that an Oslo residence was searched on Monday, as well as a residence belonging to a witness.
“We have launched an investigation to determine whether any criminal offenses have been committed. We are facing a comprehensive and, by all accounts lengthy investigation,” Okokrim chief Pal Lonseth, said.
Juul, 66, and Rod-Larsen, 78, played key roles in the secret Israeli-Palestinian negotiations which led to the Oslo Accords of the early 1990s.
Epstein left $10 million in his will to the couple’s two children, according to Norwegian media.
“Among other things, Okokrim will investigate whether she received benefits in connection to her position,” the statement said.
On Sunday, the foreign ministry announced that Juul had resigned from her position as ambassador to Jordan and Iraq.
“Juul’s contact with the convicted abuser Epstein has shown a serious lapse in judgment,” Foreign Minister Espen Barth Eide said in connection to the announcement.
She had already been temporarily suspended last week pending an internal investigation by the ministry into her alleged links to Epstein, who died in 2019 while awaiting trial for sex trafficking.
Norway’s political and royal circles have been thrust into the eye of the Epstein storm, including the CEO of the World Economic Forum Borge Brende.
Former prime minister Thorbjorn Jagland, is also being investigated for “aggravated corruption” over links to Epstein while he was chair of the Norwegian Nobel Committee — which awards the Nobel Peace Prize — and as secretary general of the Council of Europe.
Norway’s Crown Princess Mette-Marit has also come under scrutiny for her relationship with Epstein, which on Friday she said she “deeply regretted.”
On Monday, Norwegian Prime Minister Jonas Gahr Store voiced support for the establishing of an independent commission set up by Parliament, to fully examine the nature of the ties between these figures and Epstein.
The police economic crime unit Okokrim said in statement that the probe began last week and that an Oslo residence was searched on Monday, as well as a residence belonging to a witness.
“We have launched an investigation to determine whether any criminal offenses have been committed. We are facing a comprehensive and, by all accounts lengthy investigation,” Okokrim chief Pal Lonseth, said.
Juul, 66, and Rod-Larsen, 78, played key roles in the secret Israeli-Palestinian negotiations which led to the Oslo Accords of the early 1990s.
Epstein left $10 million in his will to the couple’s two children, according to Norwegian media.
“Among other things, Okokrim will investigate whether she received benefits in connection to her position,” the statement said.
On Sunday, the foreign ministry announced that Juul had resigned from her position as ambassador to Jordan and Iraq.
“Juul’s contact with the convicted abuser Epstein has shown a serious lapse in judgment,” Foreign Minister Espen Barth Eide said in connection to the announcement.
She had already been temporarily suspended last week pending an internal investigation by the ministry into her alleged links to Epstein, who died in 2019 while awaiting trial for sex trafficking.
Norway’s political and royal circles have been thrust into the eye of the Epstein storm, including the CEO of the World Economic Forum Borge Brende.
Former prime minister Thorbjorn Jagland, is also being investigated for “aggravated corruption” over links to Epstein while he was chair of the Norwegian Nobel Committee — which awards the Nobel Peace Prize — and as secretary general of the Council of Europe.
Norway’s Crown Princess Mette-Marit has also come under scrutiny for her relationship with Epstein, which on Friday she said she “deeply regretted.”
On Monday, Norwegian Prime Minister Jonas Gahr Store voiced support for the establishing of an independent commission set up by Parliament, to fully examine the nature of the ties between these figures and Epstein.
Latest updates
Recommended
© 2026 SAUDI RESEARCH & PUBLISHING COMPANY, All Rights Reserved And subject to Terms of Use Agreement.