FBI et al. announce that Russian government-backed hackers have been stealing sensitive information from the defense industry for years

The United States Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) jointly announced on February 16, 2022, that hackers acting at the behest of the Russian government were found to have repeatedly stolen information from major US military companies from at least January 2020 through February 2022.

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive US Defense Information and Technology | CISA

NSA, FBI, CISA Release Advisory on Protecting Cleared Defense Contractor Networks Against Years-Long Activity by Russian State-Sponsored Actors > National Security Agency / Central Security Service > Article

US says Russian state hackers breached defense contractors

The targets of Russia's state-sponsored hackers that the FBI and the other agencies warned about this time are cleared defense contractors (CDCs), which have access to the U.S. Department of Defense's classified materials, and their contractors.

These companies hold contracts with the Department of Defense for design and development in important military areas, including:
・ Command, control, communications, and combat systems
・ Intelligence, surveillance, reconnaissance, targeting
・ Development of weapons and missiles
・ Vehicle and aircraft design

According to CISA, a hacking group backed by the Russian government broke into multiple CDC networks and, in some cases, continued the intrusion for at least six months, regularly stealing a large number of documents, emails, and other data.

Although the advisory does not specifically mention what kind of confidential information was stolen, CISA said, 'The information obtained by the hackers gave them a fairly deep understanding of the development and deployment schedules of US weapons platforms, military vehicle specifications, and plans for communications infrastructure and information technology, among other things,' indicating that there is a high possibility that important information was leaked.

In response, the NSA said, 'We recommend that all CDCs, with or without evidence of compromise, apply the defenses in our recommendations to reduce the risk of compromise by cyber attackers backed by the Russian state. These defenses are not intended to prevent every attack, but they address the attack techniques identified in these compromises and serve as defensive measures against common malicious attacks,' urging defense-related companies to thoroughly implement security measures.

in Security, Posted by log1l_ks