Source: The Verge

Russians Hackers Target Defense Contractors to Steal Data
US Intelligence Authorities attest to the allegation

Russian Hackers suspected to be stealing data.
Source: New York Post

According to the US Intelligence authorities, Russian hackers have been the constant source of tracking since 2019-20. They have been targeting contractors and subcontractors which are primarily Pentagon-linked. They suspect that this was carried out to steal sensitive information and data.

The U.S. Intelligence community gave the warning of having observed “regular targeting” in a joint alert, published on Wednesday, February 16. They clarified this form of targeting to have been towards defense contractors which were US cleared, of varying sizes, dating way back to early 2020.

“By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of U.S. intentions, and target potential sources for recruitment,” the alert reads.

The hackers, the authorities observed, have been using effective techniques of hacking which would appear fairly basic. They used intriguing techniques such as credential harvesting, brute force attacks, spear phishing and other typically used methods of intrusion. These intrusions aided the hackers to get hold of information that was unclassified and sensitive,  along with the defense contractors.

The concern over the alleged hacking:

The question of cybersecurity has become a concern for the US, owing to recent tensions. The target towards contractors came amidst the adversary already caused between the US and Russia. This was regarding the station of 150,000 Russian troops placed around the Ukrainian borders. This had previously been the cause behind the shift of US embassy to Lviv.

Subsequently, it was seen that focus of the US-Russian relations had become cybersecurity following a series of attacks. These high-profile attacks were suspected to have originated from Moscow, or to have an indirectly Russian initiative. Though denied, the suspicions were still seen to be a cause of tension.

At a meeting between US President Joe Biden and Russian President Vladimir Putin was held in June 2021. In this particular meeting, Putin was presented a list of “specific entities,” 16 in number. This list from Biden was what the US considered off limits to such cyberattacks occurring at the moment.

The joint alert, however, did not specify any companies particularly targeted. Mostly, they were the bodies that supported forces such as the Army, Navy, Space and, the Department of Defense.

The officials of the US Intelligence pointed out that Russian hackers made use of various tactics to get access to cloud networks. Among these, many were involved, specifically emphasising on Microsoft 365.  They are suspected currently to be in the possession of some useful data. Unfortunately, it has occurred in the midst of the diplomatic US-Russian struggle.