UK, US agencies accuse Russian military intelligence agency of ‘brute force’ cyber attack

Several organizations have jointly issued a recommendation to improve security in the cyberspace.

July 1, 2021 at 9:54 pm

According to information released by the International Institute for Strategic Studies, U.S. authorities consider Russia’s General Staff (GRU) and certain subordinate units to be key players in offensive cyber and influence operations.

The UK’s National Cyber ​​Security Centre has jointly released an advisory report “Russian GRUs conduct a global brute-force campaign to disrupt enterprises and cloud environments”, urging companies to further strengthen their cyber defenses.

In a statement, NSA cybersecurity director Rob Joyce said the campaign “is likely to continue globally.”

UK, US agencies accuse Russian military intelligence agency of ‘brute force’ cyber attack

Multiple agencies have said Russia has been conducting active cyberattacks against hundreds of organisations around the world (Image: PA).

Brute-force attacks involve automatically cracking websites with potential passwords until the hackers gain access, but the specific targets of the campaign were not disclosed.

The NSA said that since at least mid-2019, GRU-related agents have attempted to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services.

While a “large number” of attempted break-ins targeted organizations using Microsoft’s Office 365 cloud service, the hackers also targeted other cloud providers and email servers, the NSA said.

According to Joe Slowik, a threat analyst at U.S.-based cyber-monitoring firm Gigamon, the brute-force methods and lateral movement within networks described by the NSA are common among state-sponsored hacker and criminal ransomware gangs, allowing the GRU to mingle with other actors.

The FBI and the Cybersecurity and Infrastructure Security Agency also joined the advisory.

UK, US Agencies Accuse Russian Military Intelligence Of ‘Brute Force’ Cyber ​​Campaign

Multiple organisations have jointly published an advisory to promote greater security in the cyber domain.

1st July 2021 at 9:54pm

The US authorities consider Russia’s Directorate of the General Staff (GRU) and certain subordinate units principle actors in offensive cyber and influence operations, according to the International Institute for Strategic Studies.

The British National Cyber ​​Security Centre jointly issued the advisory ‘Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments’ – urging companies to bolster their defences.

In a statement, the US National Security Agency (NSA) Cybersecurity Director, Rob Joyce, said the campaign was “likely ongoing, on a global scale”.

Russia have been conducting aggressive cyber attacks against hundreds of organisations worldwide, multiple agencies have said (Picture: PA).

Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access, though specific targets of the campaign were not disclosed.

The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019.

While a “significant amount” of the attempted break-ins targeted organisations using Microsoft’s Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.

Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the brute force method and lateral movement inside networks described by the NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.

The FBI and the Cybersecurity and Infrastructure Security Agency also joined the advisory.

The Links:   AA104VH01 NL8060BC26-27

Bookmark the permalink.

Comments are closed.