According to Microsoft, Russian cyberspies are conducting AitM attacks on foreign embassies located in Moscow.
Russian state-sponsored advanced persistent threat (APT) group Secret Blizzard has been implicated in sophisticated ISP-level adversary-in-the-middle (AitM) operations targeting foreign embassies in Moscow. According to a report by Microsoft, these cyber espionage activities have enabled the group to infiltrate diplomatic devices with malware, posing significant risks to sensitive communications and data. The AitM attacks leverage vulnerabilities in internet service providers to intercept and manipulate traffic, allowing Secret Blizzard to gain unauthorised access to critical information. This alarming trend highlights the ongoing threat posed by state-sponsored cyber actors and underscores the need for enhanced cybersecurity measures within diplomatic institutions.
The tactics employed by Secret Blizzard reflect a growing sophistication in cyber warfare, particularly in targeting high-profile entities such as embassies. By utilising ISP-level AitM attacks, the group has demonstrated its capability to bypass traditional security protocols, making it increasingly difficult for organisations to safeguard their networks. As foreign embassies in Moscow continue to face these threats, the importance of robust cybersecurity strategies becomes paramount. The revelations from Microsoft serve as a crucial reminder for diplomatic missions to remain vigilant and proactive in defending against such advanced cyber threats.