The report did not say which militaries had been targeted in what Google described as “credential phishing campaigns” launched by a Russian-based group called Coldriver, or Callisto.
“These campaigns were sent using newly created Gmail accounts to non-Google accounts, so the success rate of these campaigns is unknown,” the
report said.
Russia, which is now under heavy Western economic sanctions following its decision to invade Ukraine on February 24, regularly denies accusations of mounting cyberattacks on Western targets.
In 2019, Finnish cybersecurity firm F-Secure Labs described Callisto as an unidentified and advanced threat actor “interested in intelligence gathering related to foreign and security policy” in Europe.
The group also targeted a NATO Centre of Excellence, Wednesday’s Google report said, without elaborating. In a statement, NATO did not directly address Google’s report but said: “We see malicious cyber activity on a daily basis.”
Discover the stories of your interest
“NATO Centres of Excellence work alongside the Alliance but they are not part of NATO as such. We are in touch with them on this issue,” the statement added.