Security News
The Kremlin on Tuesday denied US claims that Russian military intelligence was behind cyber attacks targeting Ukraine's power grid, the 2017 French election and the 2018 Winter Olympic Games. President Vladimir Putin's spokesman Dmitry Peskov described US charges against six Russian intelligence officers as "Rampant Russophobia which, of course, have nothing to do with reality."
The United Kingdom on Monday exposed and condemned cyberattacks that the Russian military intelligence service GRU allegedly launched against organizations involved in the 2020 Olympic and Paralympic Games that were set to take place in Tokyo this summer, but were postponed due to the COVID-19 pandemic. On Monday, the United States announced charges against six officers of the GRU, which is also said to have orchestrated the cyberattacks on the PyeongChang Winter Olympics with the Olympic Destroyer malware.
Norway's government on Tuesday said that it believes Russia was behind an August cyber attack targeting the email system of the country's parliament. The attack was detected in August, when Norway announced hackers had attacked the parliament's email system, gaining access to some lawmakers' messages.
A previously unknown threat group whose members speak Russian has been launching attacks against Russian industrial organizations in a highly targeted espionage campaign, Kaspersky reported on Thursday. Denis Legezo, senior security researcher with Kaspersky's Global Research and Analysis Team, told SecurityWeek that the hackers have only been seen targeting the IT networks of industrial entities and there is no indication that they have also targeted industrial control systems.
Britain's enemies are investing more and more in cyber warfare capabilities, the UK's top general has warned - singling out Russia and its "Digital authoritarianism". "China's new Strategic Support Force is designed to achieve dominance in the space and cyber domains," said the professional head of the armed forces.
While some security researchers see Zebrocy as a separate adversary, others have shown connections between various threat actors operating out of Russia, including a link between GreyEnergy and Zebrocy attacks. Lures employed in these attacks had a NATO-related theme, a recurring motif in APT28 campaigns - the adversary used a similar theme in attacks in 2017.
Microsoft believes there have been extensive "Cyberattacks targeting people and organizations involved in the upcoming presidential election," and that foreign government hackers responsible for attacks ahead of the 2016 vote are back with new and nastier tactics. The Windows giant's corporate veep for Customer Security & Trust Tom Burt said both sides of US politics are being attacked, that China, Russia and Iran are all active, and that the spies are also actively targeting UK political parties and other international institutions.
Facebook on Tuesday said that it caught a budding Russia-linked campaign to fuel political chaos in the US, working off a tip from the FBI in its latest take-down of coordinated inauthentic behavior at the leading social network. The network of 13 Facebook accounts and two pages posing as journalists and targeting left-wing progressives was removed for violating a policy against "Foreign interference" at the platform.
The United States on Thursday published information on Drovorub, a previously undisclosed piece of malware that Russia-linked cyber-spies are using in attacks targeting Linux systems. Drovorub, a joint advisory from the NSA and the FBI reveals, is being employed by the Russian General Staff Main Intelligence Directorate 85th Main Special Service Center military unit 26165, which is better known as the cyber-espionage group APT 28.
While China is the bête noire du jour of the US government, Russia is the master of spreading disinformation, fostering conflict, and derailing discourse online, the Black Hat security conference was told today. The basic methods of hacking public opinion are fairly simple, DiResta explained.