“Sled leads to Russia”: Russian hackers accused of breaking NATO systems
“I’m more worried about the Russians,” said James Klapper, director of US national intelligence, recently at a forum at the University of Texas, speaking of Chinese hackers' cyber attacks. A great article with the leitmotif and catchy title “Hacker Trail Leads to Russia” was published today by The Wall Street Journal. Perhaps the Chinese are engaged in cyber espionage and more often, but Russia is acting more efficiently, according to Klepper.
The reason for the article was the recent investigation of the leading Silicon Valley company, FireEye Inc, of hacking into the computer system of an unnamed American company whose activities are sealed with “Top Secret”.
')
Experts discovered there, in their words, “powerful cyber weapons”, which can affect the computers of internal networks, moving from one to another without any Internet. At the same time, it is very difficult to detect, since the stolen data is well disguised as the next victim's mail traffic. Moreover, the spyware tool code was written, according to FireEye, on Russian-language machines and “during business hours Moscow time”.
The verdict of the FireEye report following the results of the investigation is unequivocal: the cyber espionage was planned by government structures in Moscow.
The report was one of four recent studies of various computer security firms, including those owned by Google and the US intelligence agency, which point to the Russian sponsorship of the biggest cyber attacks that took place since 2007. Their targets were, in particular, the governments of Russia's neighboring countries, the largest US defense industry contractors, such as Science Applications International Corp and Academi LLC, Blackwater, the state-owned information security firm, and NATO structures.
According to The Wall Street Journal, all these facts speak only of one thing - Moscow’s “team A” of internet opponents controls it.
The head of the American intelligence service noted that it is difficult to identify the criminal or nationality of hackers, since the authorities use tools created by criminal groups, and vice versa, criminal hackers have in their arsenal some special cyber divisions. For example, it is still not clear who is behind the sensational infiltration into the secret American military system in 2008, criminals, or spyware hackers, since the detected surveillance tool is used by both.
United States National Intelligence Director James Clapper
Meanwhile, FireEye experts and the military checked their data and came to the conclusion that they were hunting for the same group, whose main tool for espionage was given the code name "Sofacy" from them.
The data from the other studies also speak of the “handwriting” of the same group, although Google’s 41-page report, submitted to the Department of Homeland Security last month, does not blame Russia for espionage, disregarding the phrase “state-controlled group”. However, it also notes that the computers on which the “cyber weapon” was created were Russified.
Material written at the request of VCStart.com
The reason for the article was the recent investigation of the leading Silicon Valley company, FireEye Inc, of hacking into the computer system of an unnamed American company whose activities are sealed with “Top Secret”.
')
Experts discovered there, in their words, “powerful cyber weapons”, which can affect the computers of internal networks, moving from one to another without any Internet. At the same time, it is very difficult to detect, since the stolen data is well disguised as the next victim's mail traffic. Moreover, the spyware tool code was written, according to FireEye, on Russian-language machines and “during business hours Moscow time”.
The verdict of the FireEye report following the results of the investigation is unequivocal: the cyber espionage was planned by government structures in Moscow.
The report was one of four recent studies of various computer security firms, including those owned by Google and the US intelligence agency, which point to the Russian sponsorship of the biggest cyber attacks that took place since 2007. Their targets were, in particular, the governments of Russia's neighboring countries, the largest US defense industry contractors, such as Science Applications International Corp and Academi LLC, Blackwater, the state-owned information security firm, and NATO structures.
According to The Wall Street Journal, all these facts speak only of one thing - Moscow’s “team A” of internet opponents controls it.
The head of the American intelligence service noted that it is difficult to identify the criminal or nationality of hackers, since the authorities use tools created by criminal groups, and vice versa, criminal hackers have in their arsenal some special cyber divisions. For example, it is still not clear who is behind the sensational infiltration into the secret American military system in 2008, criminals, or spyware hackers, since the detected surveillance tool is used by both.
United States National Intelligence Director James Clapper
Meanwhile, FireEye experts and the military checked their data and came to the conclusion that they were hunting for the same group, whose main tool for espionage was given the code name "Sofacy" from them.
The data from the other studies also speak of the “handwriting” of the same group, although Google’s 41-page report, submitted to the Department of Homeland Security last month, does not blame Russia for espionage, disregarding the phrase “state-controlled group”. However, it also notes that the computers on which the “cyber weapon” was created were Russified.
Material written at the request of VCStart.com
Source: https://habr.com/ru/post/241726/
All Articles