Russian Hackers Targeting U.S. Government, F-Secure Says

State-sponsored cyberattacks have been tied directly to a hacking group that gathers intelligence for RussiaEUs Kremlin. F-Secure Labs has just published a white paper that outlines seven years of attacks against governments in the United States, Asia and Europe.

A malicious group called the Dukes uses a family of malware toolsets to steal information by infiltrating computer networks and sending the data back to the attackers, according to F-Secure Labs. The former Georgian Information Center on NATO -- now called the Information Center on NATO and EU -- along with the Ministry of Defense of Georgia, Turkey and Uganda ministries of foreign affairs, and other government institutions and political think tanks in the U.S., Europe, and Central Asia, are among the targets.

"The research details the connections between the malware and tactics used in these attacks to what we understand to be Russian resources and interests,EU said Artturi Lehtiö, the F-Secure researcher heading the investigation, in a statement.

Lehtiö noted that the new analysis strengthens claims that the group is backed by Russia, and is working to support Russian intelligence gathering. EUThese connections provide evidence that helps establish where the attacks originated from, what they were after, how they were executed, and what the objectives were. And all the signs point back to Russian state-sponsorship," he said.

How Important Is This?

F-Secure Labs said that the Dukes use nine variants of malware toolsets. Although many of those toolsets were already known to security researchers, Lehtiö discovered two new variants that helped him peg connections between the group and the attacks.

The connections F-Secure identified have significant international security implications, particularly for states in Eastern Europe and the Caucasus, said Patrik Maldre, a junior research fellow with the International Center for Defense and Security.

EUThey shed new light on how heavily Russia has invested in offensive...

Comments are closed.