The intelligence services of the United States and the United Kingdom issued a joint advisory on Thursday about the alleged devious hacking activities of Russia's GRU military intelligence, which they suggest constitutes a "global" "brute force" campaign.
"The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK's National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military intelligence against US and global organisations, starting from mid-2019 and likely ongoing," a press release accompanying the advisory says.
The eight-page document of technical guidelines goes into detail about the methods allegedly used by the GRU for its criminal cyber operations, suggesting the GRU's cyber division has "targeted hundreds of US and foreign organisations using brute force access to penetrate government and private sector victim networks."
🚨 The Russian GRU has been conducting a global brute force campaign to compromise enterprise and cloud environments. We encourage users & administrators to read our joint advisory with @NSACyber, @FBI and @NCSC UK: https://t.co/dxEneOQ5y6 pic.twitter.com/XT3K10uH7k— Cybersecurity and Infrastructure Security Agency (@CISAgov) July 1, 2021
The advisory includes a compilation of tactics, techniques and procedures said to be used to access systems, collect data and exfiltrate it, and is presented as a guide for system administrators to curtail attacks.
While the words "Russia" and "GRU" are each mentioned nine times in the advisory, the document provides no evidence that the Eastern European country or its military intelligence service are involved in the alleged nefarious activities.
Western officials have spent the better part of the past decade accusing Russia of a host of hacking activities, but have come up short in the evidence department. While the country's intelligence services almost certainly engage in secretive cyber activities on a par with those of the US or the UK, allegations against Russia have often gone beyond the pale of ordinary cyber espionage, with US officials and media claiming that Moscow "hacked" the 2016 elections to get Donald Trump elected, or accusing Russia of planning to freeze Americans and their families to death in their homes.Marble Framework which allows US intelligence to spoof attacks to make them seem like they're coming from China, Russia, Iran, North Korea, or a host of Arab countries. Other major powers are believed to have similar spoofing capabilities.