UK and US authorities have accused a Russian spy agency of conducting an organised long-term campaign against “hundreds of governments and private sector targets.”
The accusations came in a joint advisory issued by the British National Cyber Security Centre, the US National Security Agency, the Department of Homeland Security's cyber arm, and the Federal Bureau of Investigation.
Unit 26165, an arm of Russia's military spy agency, have been using virtual private networks (VPNs) and Tor – an anonymity focused web browser – to attack government offices, political parties, energy companies, law firms, and media organisations according to the statement.
The authorities said the agency was using “brute force” attacks, which involve attackers flooding victims’ websites with potential passwords using automation until hackers can gain access.
The campaign began in mid-2019 and is "almost certainly" ongoing according to the authorities.
Many of the attacks have been directed at organisations using Microsoft Office 365 cloud services according to advisory, although other service providers have been targeted.
Unit 26165 had previously been accused of interfering in the 2016 US elections and in hacking anti-doping officials in the 2014 Winter Olympics in Sochi.
The authorities suggested implementing multi-factor authentication to prevent brute force attacks, as well as having strong passwords and denying inbound activity from anonymisation services such as Tor and commercial VPNs.
Russia has been ranked as a “second tier” cyberpower by the International Institute for Strategic Studies (IISS), alongside China, the UK, Australia, Canada, France, and Israel.
The US was the only country given the position of “tier one” by the IISS, who predicted their lead will last for at least ten years.
Recent Stories