Support The Moscow Times!
Contribute today

2nd Russian Hacker Group Accused of Targeting NATO

By Matthew Bodner
A U.S. security firm has claimed that a Russia-based hacker group is spying on NATO.

A U.S. security firm has claimed that a sophisticated, Russia-based hacker group is spying on NATO and former Soviet member states, most likely on the orders of the Russian government.

In a report issued Tuesday, security firm FireEye said the group, which the firm dubbed APT28, has since 2007 conducted “long-standing, focused operations that indicate a government sponsor — specifically, a government based in Moscow.”

“APT28 targets insider information related to governments, militaries and security organizations that would likely benefit the Russian government,” the report says. These targets include the Georgian Defense and Interior ministries, post-Soviet governments in Eastern Europe that are now members of NATO, and the NATO alliance itself.

Russian cyber espionage efforts have long been considered unrivaled in skill and scope, but the difficulty of identifying attacks and tracing them to an identifiable source has prevented cyber security investigators from pinning any activity directly on a single Russian entity.

But evidence of a wide-ranging cyber espionage campaign is mounting. Earlier in October, another U.S. cyber security firm said that a group of Russian hackers with suspected government backing had used a previously unknown backdoor in Microsoft Windows operating systems to spy on NATO and several Western governments.

APT28 does not appear to be stealing intellectual property or directly profiting from stolen financial information, as is characteristic of China-based actors tracked by FireEye, the report said. Instead, the hackers focus on defense and geopolitical intelligence-gathering.

The sophistication of APT28's malware indicates that the group is state-sponsored, the report said. Samples of the group's coding show that work on the group's cyber weapons corresponds to a normal working week in the St. Petersburg and Moscow time zone almost 90 percent of the time.

FireEye's report also mentions that the language settings on the coding are Russian, rather than English or language-neutral settings.

Contact the author at m.bodner@imedia.ru

… we have a small favor to ask.

As you may have heard, The Moscow Times, an independent news source for over 30 years, has been unjustly branded as a "foreign agent" by the Russian government. This blatant attempt to silence our voice is a direct assault on the integrity of journalism and the values we hold dear.

We, the journalists of The Moscow Times, refuse to be silenced. Our commitment to providing accurate and unbiased reporting on Russia remains unshaken. But we need your help to continue our critical mission.

Your support, no matter how small, makes a world of difference. If you can, please support us monthly starting from just 2. It's quick to set up, and you can be confident that you're making a significant impact every month by supporting open, independent journalism. Thank you.

Continue

Read more

news

Report: Possible Russian Gov't Hackers Attacked U.S. Financial System

Russian hackers, possibly collaborating with the government, recently attacked America's largest bank, JPMorgan, as well as other targets in the American...
news

Russian-Speaking Hackers Stole $2.5 Billion Since 2013

Russian-speaking hackers from countries in the former Soviet Union have raked in $2.5 billion since 2013, mostly through financial fraud via mobile...
news

Intelligence Firm Says Russian Hackers Target NATO, Ukraine, Others

Russian hackers exploited a bug in Microsoft Windows and other software to spy on computers used by NATO, the EU, and Ukraine, according to cyber...
circumstances unclear

U.S. Citizen Killed in Moscow-Held Donetsk – Russian Media

Russell Bentley, 64, was known to have fought with Moscow-backed separatists in eastern Ukraine and had been given Russian nationality.
1 Min read