Cyber espionage campaign had leaders, institutions under scrutiny for years: reports

14 October 2014

A cyber espionage campaign said to be operating from Russia had targeted government leaders and institutions for around five years, according to reports citing researchers with iSight Partners who had examined code used in the attacks.

The campaign, named "Sandworm", was believed to have been in operation since 2009 and had used a wide-reaching zero-day exploit, uncovered by the researchers, that affected nearly every version of the Windows operating system released since Windows Vista.

Although iSight had been able to uncover only a small proportion of the victims targeted in the campaign, they included, among others, the North Atlantic Treaty Organization, the Ukrainian and EU governments, energy and telecommunications firms, defence companies, and at least one academic in the US who was singled out for his focus on Ukrainian issues.

Also under watch were attendees of this year's GlobSec conference, a high-level national security gathering that attracted foreign ministers and other top leaders from Europe and elsewhere each year.

It appeared Sandworm was focused on grabbing documents and emails containing intelligence and diplomatic information about Ukraine, Russia and other topics of importance in the region.

However, it also attempted to steal SSL keys and code-signing certificates, which, according to iSight, the attackers probably used to further their campaign and breach other systems.

Meanwhile, Bloomberg reported that Russian hackers had targeted sensitive documents related to the recent NATO summit in Wales, leveraging a security flaw in Microsoft Windows that affected tens of millions of computers, according to a report by a security firm.

The attack formed part of a two-year Russian espionage campaign which pointed to Russia's growing appetite for intelligence on the US and European response to its moves in Ukraine and elsewhere.

The hackers were looking for so much information in such a hurry that they slipped up on covering their tracks, according to iSight Partners, the Dallas-based security firm that uncovered the campaign.

The state-backed hackers targeted scores of computers belonging to the governments of Ukraine and at least one nation in Western Europe, as well as NATO and a Polish energy company. In some cases they used a zero-day vulnerability in Microsoft Windows, one of the most common computer operating platforms in the world, iSight analysts discovered.