Russian Military Hackers Accused Of Global Campaign

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation and the UK's National Cyber Security Centre have released a joint advisory statement accusing Unit 26165 of Russia's GRU militray intelligence agency of being behind what they call a global campaign "to compromise enterprise and cloud environments". 

There are said to be hundreds of targets around the world, including political parties and democratic institutions.

The group working for the GRU allegedly stole and leaked Democrat emails during the US 2016 presidential election.  The US says the group belongs to the 85th Main Special Service Center of the GRU, which is sometimes called Fancy Bear, APT28 or Strontium.

One of the recent targets was the Norwegian parliament in the summer of 2020. Microsoft has also said that the same campaign targeted US and UK organisations directly involved in political elections. Microsoft has detected cyber-attacks targeting people and organisations involved in the recent presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns

The campaign is said to have begun in mid-2019 and to be "almost certainly" ongoing. It has mainly been directed at organisations using Microsoft Office 365 cloud services, but other service providers have also been targeted. The attack is relatively unsophisticated, with the hackers using multiple attempts to log in with different passwords to try to access systems. 
They are alleged to have used specialist software to scale up these efforts and to have used Virtual Private Networks and Tor, an anonymising system, to try to hide what they were doing. 

In its September 2020 warning about the group, Microsoft said they used 1,000 constantly rotating IP addresses. Once they get in, Russian hackers then are said to have stolen data, including emails, as well as further log-in information to allow them to burrow deeper.

The US and the UK is encouraging those responsible for protecting computer systems to review their systems for indicators they have been compromised. 

NCSC:     Microsoft:      Just Security:    BBC:    Vestnik Kazkava:     Illinois Today:

You Might Also Read: 

Microsoft’s Defensive Playbook:

 

« The Qualities That Make A Successful Cyber Team
Seven Steps To Create An Effective Disaster Recovery Plan »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Gigamon

Gigamon

Gigamon provides intelligent Traffic Visability solutions that provide unmatched visbility into physical & birtual networks without affecting the performance or stability of production environments.

Dome9

Dome9

Dome9 is a cloud firewall management service that stops vulnerabilities, secures remote access, and centralizes policy management.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

Statice

Statice

Statice develops state-of-the-art data privacy technology that helps companies double-down on data-driven innovation while safeguarding the privacy of individuals.

Elpha Secure

Elpha Secure

Elpha Secure provides a comprehensive cybersecurity solution, combining technology and insurance to protect against cyber threats.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Performance Technologies

Performance Technologies

As a leading IT Solutions Provider in Greece, Performance Technologies delivers reliable, long life solutions, ensuring continuous availability of business-critical services and information.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

Cyber Intell Solution (CIS)

Cyber Intell Solution (CIS)

Cyber Intell Solution provide expert consulting, specialized products, and tailored operational services to governmental and corporate industry worldwide.

Sonar

Sonar

AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security.