Malware

Russia Plays the Cybervictim Card

Russia’s Federal Security Service, or FSB, recently reported that it found a cyberspying virus in the computer networks of more than 20 state authorities and defense contractors.

The claim that malware has infected various government and defense companies, published last month by Russia’s official TASS news agency, came in the midst of a flurry of accusations that Russia has engaged in cyberattacks against U.S. targets in an effort to impact the presidential election.

The Federal Security Service revealed virus software for cyberspying in computer networks of about 20 organizations in Russia.

The attack was aimed at information resources of the state authorities, scientific and defense companies, the defense industry, and other infrastructure operations, the organization said.

Targeted Attacks

The malware was targeted — a virus that was professionally planned, created and spread, TASS reported.

Based on an analysis of the style of programming, file names, parameters of use and other factors, the virus was similar to the software used in a previous high-profile cyberspying incident discovered within the Russian Federation and around the globe, TASS reported.

New sets of the malware are made individually for every target, taking into account the unique features of attacked machines, according to the TASS report. The virus is spread through electronic messages that contain a malicious attachment.

After the software gets inside a computer system, the virus launches modules that allow it to intercept network traffic, listen to the traffic and create screen shots. It can turn on Web cameras and microphones inside a computer, copy audio and video files, and record keystrokes.

The FSB is working with various ministries and authorities to finalize efforts to reveal all of the targets in the Russian Federation and to minimize the impact of the attack, according to the report.

Kindly Shut Up

Malware has infected various government and defense companies at a time when the U.S. and Russia are embroiled in a high-profile cyberdebate.

Russian hackers linked to the country’s intelligence services in recent months have been implicated in cyberattacks on the computer systems of the Democratic National Committee, the Hillary Clinton presidential campaign, and other political and government organizations.

Russian officials vehemently denied any link to the attacks, and the FBI has not attributed them to any specific organizations.

“I do not have any additional information with regard to the reported recent cybersecurity breach in some organizations in Russia,” said Russian Embassy spokesperson Yuri Melnik.

“I believe that all related comments, if any, will be issued by relevant authorities in Russia,” he told TechNewsWorld.

“The investigation is ongoing,” Melnik said, and requested that we “kindly refrain from groundless allegations about the origins of the breach.”

Dancing Bears

The FBI last month launched a probe into Wikileaks’ online publication of information stolen from the Democratic National Committee, some of which appeared damaging to the Democratic Party.

CrowdStrike previously had linked the DNC attack to Russian-based hackers who operated under the names “Cozy Bear” and “Fancy Bear.”

Cyberspying is considered standard practice among nations, noted Martin Libicki, adjunct senior management scientist at Rand.

“The primary objection to what the Russians did was not that they broke into the DNC — it is that they released the information they took, presumably for the purpose of influencing the U.S. election,” he told TechNewsWorld.

The concern about the breach of related systems, including the Clinton campaign and the Democratic Congressional Campaign Committee, was that the information obtained from those organizations would be used to exercise untoward influence, Libicki suggested.

There is growing concern in the U.S. that Russia may use its capabilities to influence electronic voting systems, which would “attack the integrity of the U.S. elections process,” he added.

Although cyberattacks may have targeted the Russian Federation, that would not necessarily mean the U.S. was behind them. Even if it were, that would not necessarily mean that the information obtained would be used for anything more than intelligence purposes.

David Jones is a freelance writer based in Essex County, New Jersey. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by David Jones
More in Malware

Technewsworld Channels