Russia steals information from US Defense Contractors

A high alert raised by FBI, NSA and CISA on a joint note says that some government backed hackers are busy stealing confidential information from defense contractors and the campaign to steal intelligence is going from January 2020.

Surprisingly, the stolen information also includes details about weaponry, sophistication in missile development, Warcraft designs, logistics, data analytics received from simulation centers, and also details related to the new communication infrastructure and information technology to be deployed in the war-zones.

Usually, gaining such classical information is not that easy as hackers need to involve a lot of intelligence and talent to sniff into such details. And threat actors rely on brute force attacks, credential harvesting, spear phishing and password spray techniques to wade into the military computer networks.

Therefore, all defense contractors are being requested to enable multi-actor authentication, use unique and strong passwords, introduce time based access features, and train their staff in such a way that they can mitigate the cyber risks on-time.

At the same time, keeping the OS patched with related security updates in a timely manner can also help in keeping the hackers at bay.

Note 1- Rob Joyce, the Director of Cybersecurity, NSA confirmed the news and added that the threat is expected to continue in near time.

Note 2- The advisory was issued when Russia was trying to wage a war with its neighbor Ukraine. Though it labeled its latest military positioning at the border as a mock drill, Kiev alleges the Putin led nation has launched a hybrid war in the form of cyber attacks of government websites since the beginning of last week.

Note 3- NSA calls the issued joint advisory to public and private entities as a “Shields Up” notice

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display