Russian state-sponsored threat actors have targeted US military contractors, stealing sensitive information, the US intelligence agencies claimed on Wednesday, as US-Russia tension grows amid the Russian stance in Ukraine.
According to the alert by CISA, FBI, and NSA, the authorities have observed “regular targeting” of military contractors from January 2020 through this month. These intrusions have allowed threat actors to steal “sensitive unclassified information, as well as [cleared defense contractor]-proprietary and export control technology.”
— The Hill (@thehill) February 16, 2022
The alert by the US intelligence agencies did not specify the companies targeted, but the officials did say that the sensitive information stolen could help the adversaries to “adjust their own military plans and priorities.” But the companies that are targeted support the Department of Defense, Army, Air Force, Navy, and Space Force.
“This theft has granted the actors significant insight into U.S weapons platforms development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the US government and military,” said the Department of Homeland Security.
According to the notice, the contracted companies offer services like weaponry, vehicle and aircraft design, missile development, intelligence, surveillance, and targeting.
The advisory comes during high tension between the US and Russia, and more than 150,000 Russian troops get deployed on the borders of Ukraine. According to the intelligence agencies, hackers are using various tactics to compromise networks, mainly focusing on Microsoft vulnerabilities.
Russia has denied the responsibility behind the cyberattacks, even after facing repeated accusations of sponsoring attacks in various countries. Russian operatives were allegedly involved in leaking emails during Hilary Clinton’s presidential campaign in 2016. Russian hackers have also been involved in some major hacks in the past, like the attack on a major meat processor company gas pipeline, among others.
Recently, Russia was accused of launching a massive cyberattack on Ukraine’s defense ministry and other government agencies. Even though the Ukrainian government said they are 99.99% sure that Russia is behind the attack, the US Under Secretary of State Nuland did not blame Russia directly but said that Russian sponsored hackers use similar tactics as seen in the Ukrainian cyberattacks.
In light of the current US-Russia tension, DHS has made a public announcement warning American companies and businesses to be prepared for potential cyberattacks. British National Cyber Security Centre (NCSC) has also warned UK firms to bolster their defenses against potential Russian attacks.