Is This A Cyber Attack?

Was Russian-linked Actors Use of USAID's Constant Contact API Keys For Malware Distribution a Cyber Attack?

No

A cyber attack is a cyber operation, whether offensive or defensive, that is reasonably expected to cause injury or death to persons or damage or destruction to objects.

Michael Schmitt et al; Tallinn Manual 1.0, pp 92
  • Cyber Operation?
  • Expected to cause death or injury to people or damage to objects?
Russian-linked Actors Use of USAID's Constant Contact API Keys For Malware Distribution does not match this definition. Here's a list of actual cyberattacks and and why this matters.

What happened?

A report from Microsoft and Volexity documents a cyber espionage campaign operated by Russian-linked actors using USAID’s Constant Contact email service to send malware to 3,000 email addresses in 150 organizations including governments, think-tanks, NGOs targets. With earliest observed activity on January 28th, 2021.

Microsoft and Volexity attributed the behavior to APT29/Nobelium, the same threat actor group involved in the SolarWinds Supply Chain espionage operation.