U.S. Warns Partners, Industrial Firms About Russian Hacking Operation

May 29, 2020

The U.S. National Security Agency on Thursday warned government partners and private companies about a Russian hacking operation that uses a special intrusion technique to target operating systems often used by industrial firms to manage computer infrastructure.

“This is a vulnerability that is being actively exploited, that’s why we’re bringing this notification out,” said Doug Cress, chief of the cybersecurity collaboration center and directorate at NSA. “We really want… the broader cybersecurity community to take this seriously.”

The notice is part of a series of public reports by the spy agency, which is responsible for both collecting foreign intelligence and protecting Defense Department systems at home, to share actionable cyber defense information.

Cress declined to discuss which business sectors had been most affected, how many organizations were compromised using the Russian technique, or whether the cyber espionage operation targeted a specific geographic region.

The NSA said the hacking activity was tied directly to a specific unit within Russia’s Main Intelligence Directorate, also known as the GRU, named the Main Center for Special Technologies. The cybersecurity research community refers to this same hacking group as “Sandworm,” and has previously connected it to disruptive cyberattacks against Ukrainian electric production facilities.

Secretary of State Mike Pompeo also called out the same GRU unit in February for conducting a cyberattack against the country of Georgia.

A security alert published by the NSA on Thursday explains how hackers with the GRU, Russia’s military intelligence, are leveraging a software vulnerability in Exim, a mail transfer agent common on Unix-based operating systems, such as Linux. The vulnerability was patched last year, but some users have not updated their systems to close the security gap.

“Being able to gain root access to a bridge point into a network gives you so much ability and capability to read email, to navigate across and maneuver through the network,” said Cress, “so it’s more about the danger we’re trying to help people understand.”

(Reporting by Christopher Bing; Editing by Dan Grebler)


Latest Comments

  • June 1, 2020 at 11:16 am
    Stush says:
    You mention that bull about special deals with Burisma as if that was fact but the fact is that we dealt with the aggression as best as international norms would allow. What ... read more
  • June 1, 2020 at 9:21 am
    PolarBeaRepeal says:
    I agree wholeheartedly; President Vlad Putin is a Russian asset. And I'm glad Trump is dealing with Russia appropriately, considering the adverse consequences of the Obama Adm... read more
  • May 29, 2020 at 10:36 am
    Jon says:
    And the members of the right are still pretending it's great that Trump is under Putin's thumb. This is what happens to our country when the president is a Russian asset.
