Exposed: Russians Exploited Adobe, Microsoft Flaws to Hack U.S. Gov’t

Following last month's reports that Russians hacked into U.S. government computer systems, the exact method of the security breach is now being revealed. The breach, which took place last October, caused temporary disruptions in some government services. Several federal agencies are still investigating the breach, but many in the I.T. security community are solidly pointing fingers at Russia.

According to media reports, the hackers gained access to sensitive information such as real-time, non-public details of the U.S. president's schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies.

Now, cybersecurity firm FireEye Labs is getting to the root of the attack. The firm has detected a limited advanced persistent threat (APT) campaign it is calling Operation RussianDoll that exploits zero-day vulnerabilities in Adobe Flash and a previously unknown flaw in Microsoft Windows.

Benefitting the Russian Government

How did FireEye come to this conclusion? The company's researchers detected a pattern of attacks beginning on April 13 exploiting the two flaws and traced it back to the attacks through the correlation of technical indicators and command and control infrastructure.

Adobe independently patched the vulnerability. Microsoft is aware of the Windows vulnerability. Although there is not yet a patch available for the Windows vulnerability, the good news is the firm reports that updating Adobe Flash to the latest version will render this in-the-wild exploit innocuous. Meanwhile, Microsoft is working on a fix.

FireEye figures APT28 is probably responsible. FireEye reported APT28 last October when the cyber attacks against the US government were first revealed. The report pointed to Russia as the likely perpetrator.

"In contrast with the China-based threat actors that FireEye tracks, APT28 does not appear to conduct widespread intellectual property theft for economic gain. Instead, APT28 focuses on collecting intelligence that would be most useful to a government," the firm...
