Google's Threat Analysis Group did not say which militaries had been targeted in what Google described as "credential phishing campaigns" launched by a Russian-based group called Coldriver, or Callisto.
"These campaigns were sent using newly created Gmail accounts to non-Google accounts, so the success rate of these campaigns is unknown," the report said.
Russia, which is now under heavy Western economic sanctions following Tsar Putin’s decision to invade Ukraine, denies accusations of mounting cyber attacks on Western targets (although it is currently denying that it is at war with Ukraine.)
In 2019, Finnish cybersecurity firm F-Secure Labs described Callisto as an unidentified and advanced threat actor "interested in intelligence gathering related to foreign and security policy" in Europe.
The group also targeted a NATO Centre of Excellence, Wednesday's Google report said, without elaborating.
NATO has confirmed that it is seeing malicious cyber activity daily.
"NATO Centres of Excellence work alongside the Alliance but they are not part of NATO as such. We are in touch with them on this issue," the statement said.