
admin
Pinned October 16, 2020

Russian state hackers appear to have breached a federal agency

Jon Fingas, @jonfingas

October 3, 2020

Russia’s 2020 hacking campaigns might have included a successful data breach at the US government. In the wake of a CISA notice warning of a cyberattack on an unnamed federal agency’s network, Wired and security company Dragos have obtained evidence suggesting Russia’s state-backed APT28 group, better known as Fancy Bear, was behind the hack.

The FBI reportedly sent alerts to some hacking victims in May warning that Fancy Bear was widely targeting US networks, including an IP address mentioned in the recent cyberattack notice. There was also “infrastructure overlap” and behavior patterns pointing to the Russian group, Dragos’ Joe Slowik said. Some of the IP addresses match criminal operations, but Slowik believed Fancy Bear might be reusing criminal tech to help cover its trail.

Security expert Costin Raiu added that an apparent copy of the malware uploaded to a research repository also appeared to be a unique combination of existing hacking tools that had no obvious connections to known hacking teams. While that doesn’t definitively link the malware to Fancy Bear, it suggests the attack was relatively sophisticated.

The intruders used compromised logins to plant malware and get “persistent” access to systems on the agency’s network, using that to steal files.

US officials haven’t responded to requests for comment.

While it wouldn’t be shocking if Russia was behind the breach, it would still be worrying. It would indicate that Russia was not only launching an assault on US government systems, but managed to grab substantial data. It’s just a question of whether or not the damage was severe enough to significantly hamper operations.

Engadget RSS Feed
