US busts Russian cyber operation in dozens of countries
Advertisement
Read this article for free:
or
Already have an account? Log in here »
To continue reading, please subscribe:
Monthly Digital Subscription
$0 for the first 4 weeks*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*No charge for 4 weeks then price increases to the regular rate of $19.95 plus GST every four weeks. Offer available to new and qualified returning subscribers only. Cancel any time.
Monthly Digital Subscription
$4.99/week*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*Billed as $19.95 plus GST every four weeks. Cancel any time.
To continue reading, please subscribe:
Add Free Press access to your Brandon Sun subscription for only an additional
$1 for the first 4 weeks*
*Your next subscription payment will increase by $1.00 and you will be charged $16.99 plus GST for four weeks. After four weeks, your payment will increase to $23.99 plus GST every four weeks.
Read unlimited articles for free today:
or
Already have an account? Log in here »
Hey there, time traveller!
This article was published 09/05/2023 (971 days ago), so information in it may no longer be current.
WASHINGTON (AP) — The Justice Department said Tuesday that it had disrupted a long-running Russian cyberespionage campaign that infected computer networks in dozens of countries, including in the United States, and resulted in the theft of sensitive information from governments.
Prosecutors linked the spying operation to a unit of Russia’s Federal Security Service, or FSB, and accused the hackers of stealing documents from hundreds of computer systems belonging to governments of NATO members, an unidentified journalist for a U.S. news organization who reported on Russia, and other select targets of interest to the Kremlin.
“For 20 years, the FSB has relied on the Snake malware to conduct cyberespionage against the United States and our allies — that ends today,” Assistant Attorney General Matthew Olsen, the head of the Justice Department’s National Security Division, said in a statement.
The specific targets were not named in court papers, but the Justice Department said the affected networks were in more than 50 countries. U.S. officials described the espionage campaign as “very consequential,” saying the hackers had successfully exfiltrated sensitive documents from NATO countries.
Prosecutors say the hackers, employing malicious software known as Snake, routed data stolen from foreign governments through compromised computers in the U.S. as a way to cover their tracks. They operated from what the Justice Department said was a known FSB facility in Ryazan, Russia.
In a separate statement, CrowdStrike Intelligence, a private cybersecurity firm that has studied the threat, said the sectors targeted by the hacking included government organizations, defense-related organizations and companies developing cryptographic hardware. It said countries all over the world had been affected, including in Europe, Australia, part of Asia and North and South America.
U.S. officials said they’d been investigating Snake for about a decade and came to regard it as the most sophisticated malware implant relied on by the Russian government for espionage campaigns. They said Turla, the FSB unit believed responsible for the malware, had refined and revised it multiple times as a way to avoid being shut down.
The Justice Department, using a warrant this week from a federal judge in Brooklyn, launched what it said was a high-tech operation using a specialized tool called Perseus that caused the malware to effectively self-destruct.
Federal officials said they were confident that, based on the impact of its operation this week, the FSB would not be able to reconstitute the malware implant.
______
Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP