21:25 GMT30 July 2021
Listen Live
    World
    Get short URL
    by
    261173
    Subscribe

    Western countries have spent years accusing Moscow of carrying out an array of hack attacks targeting everything from government servers and businesses to power grids and even election-related infrastructure. Russian officials have repeatedly asked for but never received publicly concrete evidence in support of such allegations.

    The intelligence services of the United States and the United Kingdom issued a joint advisory on Thursday about the alleged devious hacking activities of Russia's GRU military intelligence, which they suggest constitutes a "global" "brute force" campaign.

    "The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK's National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military intelligence against US and global organisations, starting from mid-2019 and likely ongoing," a press release accompanying the advisory says.

    The eight-page document of technical guidelines goes into detail about the methods allegedly used by the GRU for its criminal cyber operations, suggesting the GRU's cyber division has "targeted hundreds of US and foreign organisations using brute force access to penetrate government and private sector victim networks."

    The advisory includes a compilation of tactics, techniques and procedures said to be used to access systems, collect data and exfiltrate it, and is presented as a guide for system administrators to curtail attacks.

    The document also warns that the campaign is "almost certainly ongoing" and that actors in the US and Europe are the primary targets -among them government agencies and militaries, defence contractors, energy firms, education and logistics organisations, law firms, media, political parties and think tanks.

    While the words "Russia" and "GRU" are each mentioned nine times in the advisory, the document provides no evidence that the Eastern European country or its military intelligence service are involved in the alleged nefarious activities.

    GRU military intelligence headquarters in Moscow, Russia. File photo.
    © Sputnik / Евгений Биятов
    GRU military intelligence headquarters in Moscow, Russia. File photo.

    Western officials have spent the better part of the past decade accusing Russia of a host of hacking activities, but have come up short in the evidence department. While the country's intelligence services almost certainly engage in secretive cyber activities on a par with those of the US or the UK, allegations against Russia have often gone beyond the pale of ordinary cyber espionage, with US officials and media claiming that Moscow "hacked" the 2016 elections to get Donald Trump elected, or accusing Russia of planning to freeze Americans and their families to death in their homes.

    Further complicating things when it comes to cyber activities is the existence of complex spoofing attack capabilities, which allows some countries' intelligence services to make a cyberattack look like it's coming from one country when it is in fact coming from another. Last year, veteran cryptographer and NSA whistleblower Bill Binney told Sputnik that the United States has a cyber suite known as the Marble Framework which allows US intelligence to spoof attacks to make them seem like they're coming from China, Russia, Iran, North Korea, or a host of Arab countries. Other major powers are believed to have similar spoofing capabilities.

    Community standardsDiscussion