The report did not say which militaries had been targeted in what Google described as “credential phishing campaigns” launched by a Russian-based group called Coldriver, or Callisto.
“These campaigns were sent using newly created Gmail accounts to non-Google accounts, so the success rate of these campaigns is unknown,” the report said.
NATO was not immediately available for comment on the report.
Russia, which is now under heavy Western economic sanctions following its decision to invade Ukraine on Feb. 24, regularly denies accusations of mounting cyber attacks on Western targets.
In 2019, Finnish cybersecurity firm F-Secure Labs described Callisto as an unidentified and advanced threat actor “interested in intelligence gathering related to foreign and security policy” in Europe.
The group also targeted a NATO Centre of Excellence, Wednesday’s Google report said, without elaborating.
In a statement, the centre did not directly address Google’s report but said: “We see malicious cyber activity on a daily basis.”