
Russian hackers are trying to brute-force hundreds of networks

posted on July 5, 2021
by l33tdawg
Credit: Arstechnica

The discovery of Russia's devastating SolarWinds spy campaign put the spotlight on the sophisticated supply chain hijacking techniques of Moscow's foreign intelligence hackers. But it's now apparent that, throughout that SolarWinds spying and its fallout, another group of Kremlin hackers has kept up their usual daily grind, using basic but often effective techniques to pry open practically any vulnerable network they could find across the US and the global Internet.

On Thursday the NSA, the FBI, the DHS's Cybersecurity and Infrastructure Security Agency, and the UK's National Cybersecurity Centre issued a joint advisory warning of hundreds of attempted brute-force hacker intrusions around the world, all carried out by Unit 26165 of Russia's GRU military intelligence agency, also widely known as Fancy Bear or APT28. The hacking campaign has targeted a broad swath of organizations, including government and military agencies, defense contractors, political parties and consultancies, logistics companies, energy firms, universities, law firms, and media companies. In other words, practically every sector of interest on the Internet.

The hacking campaign has used relatively basic techniques against those targets, guessing usernames and passwords en masse to gain initial access. But cybersecurity agencies warn that the Fancy Bear campaign has nonetheless successfully breached multiple entities and exfiltrated emails from them—and that it's not over.
