Security News > 2020 > February > Austrian foreign ministry: 'State actor' hack on government IT systems is over
Austria's foreign ministry has said a weeks-long cyber attack from a "State actor" against its systems has ended - amid local reports that pin the blame on a Russian hacking crew and its initial four-byte payload. The attack, which was announced to burghers of the state on a 4th January, was aimed at the ministry's IT infrastructure, according to local reports.
Foreign minister Alexander Schallenberg said the attack had been ended, adding: "We managed to clean up our IT systems." He claimed that "No damage to the IT equipment could be detected".
The ministry said in a statement: "According to current knowledge, this was a targeted attack against the Foreign Ministry with the intention of gathering information. However, due to the dimension and the high complexity, it cannot yet be said beyond doubt who is behind the attack."
A local radio station, the Österreichischer Rundfunk, reported in mid-January that the attack bore the hallmarks of Russia's Turla Group.
Deployed as a so-called fileless attack, the malware's operators were, so ORF said, able to revisit freshly disinfected servers with subtly altered strains, reacting to countermeasures on the fly.