Security News > 2020 > October > U.S. Says Russian Hackers Stole Data From Two Government Servers

The United States says Russian state-sponsored hacking group Energetic Bear has successfully compromised state, local, territorial, and tribal government networks and stole data from at least two servers.

The attacks, conducted since at least September 2020, "Targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers," the alert reads.

According to the FBI and CISA, the threat actor does not appear to have intentionally disrupted the operations of organizations in aviation, education, elections, or government sectors.

The attacks might also be seen as a risk to elections information that is stored on SLTT government networks, but there's no evidence that such data has been compromised, the FBI and CISA note.

"Organizations must maintain a robust layered defense network with monitoring and detection to reduce an attack's risk by a known vulnerability and exploit. The recent attacks from nation-state cybersecurity operatives use known vulnerabilities to access an organization's networks and systems to steal data," James McQuiggan, security awareness advocate at KnowBe4, commented.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/O_h_4p8TltA/us-says-russian-hackers-stole-data-two-government-servers