
WASHINGTON — Two weeks after President Biden met President Vladimir V. Putin of Russia and demanded that he rein in the constant cyberattacks directed at American targets, American and British intelligence agencies on Thursday exposed the details of what they called a global effort by Russia’s military intelligence organization to break into government organizations, defense contractors, universities and media companies.
The operation, described as crude but broad, is “almost certainly ongoing,” the National Security Agency and its British counterpart, known as GCHQ, said in a statement. They identified the Russian intelligence agency, or G.R.U., as the same group that hacked into the Democratic National Committee and released emails in an effort to influence the 2016 presidential election in favor of Donald J. Trump.
Thursday’s revelation is an attempt to expose Russian hacking techniques, rather than any specific new attacks, and it includes pages of technical detail to enable potential targets to identify that a breach is underway. Many of the actions by the G.R.U. — including an effort to get into data stored in Microsoft’s Azure cloud services — have already been documented by private cybersecurity firms.
But the political significance of the statement is larger: It is a first challenge to Mr. Putin since the summit in Geneva, where Mr. Biden handed him a list of 16 areas of “critical infrastructure” in the United States and said that it would not tolerate continued Russian cyberattacks.
a criminal gang operating from Russia.
In recent years, the National Security Agency has more aggressively attributed cyberattacks to specific countries, particularly those by adversarial intelligence agencies. But in December, it was caught unaware by the most sophisticated attack on the United States in years, the SolarWinds hacking, which affected federal agencies and many of the nation’s largest companies. That attack, which the the National Security Agency later said was conducted by the S.V.R., a competing Russian intelligence agency that was an offshoot of the K.G.B., successfully altered the code in popular network-management software, and thus into the computer networks of 18,000 companies and government agencies.
There is nothing particularly unusual about the methods the United States says the Russian intelligence unit used. There is no bespoke malware or unknown exploits by the G.R.U. unit. Instead, the group uses common malware and the most basic techniques, like brute-force password spraying, which uses passwords that have been stolen or leaked to gain access to accounts.