Russia’s GRU hackers hit US government and energy targets
A previously unreported Fancy Bear campaign persisted for well over a year. …
reader comments
30 with 21 posters participating
Russia’s GRU military intelligence agency has carried out many of the most aggressive acts of hacking in history: destructive worms, blackouts, and—closest to home for Americans—a broad hacking-and-leaking operation designed to influence the outcome of the 2016 US presidential election. Now it appears the GRU has been hitting US networks again, in a series of previously unreported intrusions that targeted organizations ranging from government agencies to critical infrastructure.
From December 2018 until at least May of this year, the GRU hacker group known as APT28 or Fancy Bear carried out a broad hacking campaign against US targets, according to an FBI notification sent to victims of the breaches in May and obtained by WIRED. According to the FBI, the GRU hackers primarily attempted to break into victims’ mail servers, Microsoft Office 365 and email accounts, and VPN servers. The targets included “a wide range of US-based organizations, state and federal government agencies, and educational institutions,” the FBI notification states. And technical breadcrumbs included in that notice reveal that APT28 hackers have targeted the US energy sector, too, apparently as part of the same effort.
The revelation of a potentially ongoing US-targeted GRU hacking spree is especially troubling in light of the GRU’s past operations, which have often gone beyond mere espionage to include embarrassing email leaks or even
Continue reading – Article source