US Warns Russian Hackers Targeting Defence Contractors

The FBI, National Security Agency (NSA) and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning about a sobering data compromise.

In a public advisory, all three US agencies on Wednesday said they “have observed regular targeting of US cleared defence contractors (CDCs) by Russian state-sponsored cyber actors.”

Both large and smaller-scale defence contractors and subcontractors were targeted to obtain data on US weapons platforms. It comes amid severe tensions between Moscow and NATO and the West, due to the more than 150,000 Russian combat troops stationed on the Ukraine border.

Defence hacks

The US, UK and NATO have been calling out Russia’s usual playbook of hybrid or asymmetric warfare, which it uses before it commences military operations. This includes cyberattacks.

Earlier this week Ukraine’s Ministry of Defence suffered a DDoS attack, as did two banks.

Last month Ukraine also suffered a massive cyberattack that impacted at least 70 government websites, as well as the US, UK and Swedish embassies.

On Thursday pro-Russian forces shelled a nursery school (kindergarten) in what is being labelled by the West as a typical Russian false flag operation – trying to goad a response from Ukrainian forces to give them an excuse to escalate military operations.

So it makes sense that Russian-linked hackers have been trying to build up a picture of what weapon platforms Russia may face.

The three US agencies warned that the Russian-backed hackers have targeted:

  • Command, control, communications, and combat systems;
  • Intelligence, surveillance, reconnaissance, and targeting;
  • Weapons and missile development;
  • Vehicle and aircraft design; and
  • Software development, data analytics, computers, and logistics.

“Historically, Russian state-sponsored cyber actors have used common but effective tactics to gain access to target networks, including spearphishing, credential harvesting, brute force/password spray techniques, and known vulnerability exploitation against accounts and networks with weak security,” said CISA.

“These actors take advantage of simple passwords, unpatched systems, and unsuspecting employees to gain initial access before moving laterally through the network to establish persistence and exfiltrate data.”

Weapons data

It seems the hackers were able to obtain some unclassified data, as well as proprietary and export-controlled technology, which will provide a ‘significant insight’ into US weapon platforms.

“These continued intrusions have enabled the actors to acquire sensitive, unclassified information, as well as CDC-proprietary and export-controlled technology,” CISA warned. “The acquired information provides significant insight into US weapons platforms development and deployment timelines, vehicle specifications, and plans for communications infrastructure and information technology.”

“By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of US intentions, and target potential sources for recruitment,” said CISA.

“Given the sensitivity of information widely available on unclassified CDC networks, the FBI, NSA, and CISA anticipate that Russian state-sponsored cyber actors will continue to target CDCs for US defense information in the near future,” it said. “These agencies encourage all CDCs to apply the recommended mitigations in this advisory, regardless of evidence of compromise.”

Last month the UK’s GCHQ’s National Cyber Security Centre (NCSC) made clear the need for UK organisations to take action to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
