Russia-linked hackers attacked governments in Europe and Latin America
The Kremlin-linked hacking group that interfered in the 2016 US presidential election is now attacking governments in Europe and Latin America.
According to a Thursday morning blog post by Symantec, one of the worldâs largest cybersecurity companies, the hackers known as Fancy Bear have tried to obtain intelligence from military targets and governments in Europe, the government of a country in South America, an embassy of an Eastern European country, and a âwell-known organization.â (The company didnât reveal the name of the entities or the countries affected, but the victims have been notified.)
From 2017 to early May 2018, Fancy Bear tried to install malware into the targetsâ systems to extract information, says Dick OâBrien, a manager for Symantec Security Response. The company, however, detected the intrusions and thwarted the attacks.
While itâs always hard to know exactly who is who in cyberspace, Symantec is sure Fancy Bear is the culprit because it used the same techniques in previous attempts. âThis toolset is only used by them,â OâBrien told me.
The news comes just one day after the UK singled out the GRU, Russiaâs main military intelligence agency, for attacks between July 2015 and October 2017 on organizations like the World Anti-Doping Agency, transport systems in Ukraine, and businesses around the world â" including some in Russia itself. Itâs unclear if Fancy Bear had anything to do with those operations directly.
âThe GRUâs actions are reckless and indiscriminate,â British Foreign Secretary Jeremy Hunt said in a Wednesday statement. âThis pattern of behavior demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.â
And on Thursday morning, the US indicted seven GRU members for the attacks.
âThereâs no reason to believe these guys are going to stopâ
Fancy Bear â" also known as APT28 or Sofacy â" has ties to the GRU, which means the attacks could benefit the Kremlin.
The group gained international fame because of the 2016 US presidential election for aiding Moscowâs interference efforts. In July, special counsel Robert Mueller indicted 12 of Fancy Bearâs members for stealing e mails and documents from the Democratic National Committee, the Democratic Congressional Campaign Committee, and various Hillary Clinton campaign staffers, including campaign chair John Podesta.
Russia, of course, wonât indict the members to face trial in the United States.
Those intrusions were unusually bold for the hackers, Kevin Mandia, the CEO of the cybersecurity company FireEye, told reporters on Monday during a conference organized by the Hoover Institution think tank. Historically, Russian hackers have used their skills primarily for under-the-radar espionage that gives information to the government, he said. Thatâs the kind of activity Symantec caught Fancy Bear doing.
Whatâs more, Russian hackers in the 1990s and early 2000s would flee from a targetâs systems if a security professional observed them, Mandia continued. But today, they donât seem to mind if cybersecurity professionals monitor their actions, which means they probably feel more confident in their skills.
âIt is now clear that after being implicated in the US presidential election attacks in late 2016, APT28 was undeterred by the resulting publicity and continues to mount further attacks using its existing tools,â Symantec stated in the blog post.
The implication, then, is staggering: The world knows who these intruders are and how they operate â" but theyâre going to continue to target (and likely successfully infiltrate) systems all around the world anyway.
âThereâs no reason to believe these guys are going to stop,â OâBrien told me.
Next Up In World
- The US is tearing up a friendship treaty with Iran you probably didnât know existed
- A top UN court just told the US to lift some sanctions on Iran
- USMCA, Trumpâs new trade deal, explained in 500 words
- The US wonât give visas to same-sex partners of UN officials anymore
- USMCA, the new trade deal between the US, Canada, and Mexico, explained
- Trumpâs wildly unpopular foreign policy, in 2 polls