Article 5KV10 Russian hackers are trying to brute-force hundreds of networks

Russian hackers are trying to brute-force hundreds of networks

by
WIRED
from Ars Technica - All content on (#5KV10)
russia-today-800x494.jpg

Enlarge / "People really still use '1234567' as a password? Really?" (credit: Kremlin official photo)

The discovery of Russia's devastating SolarWinds spy campaign put the spotlight on the sophisticated supply chain hijacking techniques of Moscow's foreign intelligence hackers. But it's now apparent that, throughout that SolarWinds spying and its fallout, another group of Kremlin hackers has kept up up their usual daily grind, using basic but often effective techniques to pry open practically any vulnerable network they could find across the US and the global Internet.

On Thursday the NSA, the FBI, the DHS's Cybersecurity and Infrastructure Security Agency, and the UK's National Cybersecurity Centre issued a joint advisory warning of hundreds of attempted brute-force hacker intrusions around the world, all carried out by Unit 26165 of Russia's GRU military intelligence agency, also widely known as Fancy Bear or APT28. The hacking campaign has targeted a broad swath of organizations, including government and military agencies, defense contractors, political parties and consultancies, logistics companies, energy firms, universities, law firms, and media companies. In other words, practically every sector of interest on the Internet.

wired-logo.png

The hacking campaign has used relatively basic techniques against those targets, guessing usernames and passwords en masse to gain initial access. But cybersecurity agencies warn that the Fancy Bear campaign has nonetheless successfully breached multiple entities and exfiltrated emails from them-and that it's not over.

Read 10 remaining paragraphs | Comments

index?i=Nve8NL31rbM:cEzDbE1vXlY:V_sGLiPB index?i=Nve8NL31rbM:cEzDbE1vXlY:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments