 "Russian hackers accessed sensitive US defence information for 2 yrs")
Russian state-sponsored hackers have been targeting US defence contractors for at least two years, and they acquired information on weapons, aircraft design, and combat communications systems over that period of time.
According to the Cybersecurity and Infrastructure Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA), the state-sponsored actors have targeted both large and small cleared defence contractors (CDCs) and subcontractors with varying levels of cybersecurity protocols and resources.
These CDCs support contracts for the US Department of Defense (DoD) and Intelligence Community, the agencies said in a statement late on Wednesday.
"Russian state-sponsored cyber actors have targeted US CDCs from at least January 2020, through February 2022. The actors leverage access to CDC networks to obtain sensitive data about US defence and intelligence programmes and capabilities," said the CISA.
Compromised entities have included CDCs supporting the US Army, US Air Force, US Navy, US Space Force, and DoD and intelligence programmes.
Through these intrusions, the threat actors have acquired unclassified CDC-proprietary and export-controlled information.
"This theft has granted the actors significant insight into US weapons platforms development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the US government and military," the agencies warned.
Although many contract awards and descriptions are publicly accessible, programme developments and internal company communications "remain sensitive".
In multiple instances, the threat actors maintained persistent access for at least six months.
"Although the actors have used a variety of malware to maintain persistence, the FBI, NSA, and CISA have also observed intrusions that did not rely on malware or other persistence mechanisms," said the agencies.
In instances when the actors have successfully obtained access, the FBI, NSA, and CISA have noted regular and recurring exfiltration of emails and data.
For example, during a compromise in 2021, threat actors exfiltrated hundreds of documents related to the company's products, relationships with other countries, and internal personnel and legal matters, the agencies mentioned.
The FBI, NSA, and CISA now urge all CDCs to investigate suspicious activity in their enterprise and cloud environments.
--IANS
na/dpb
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app