I've told you about Russian hackers here so many times, you may think those two words are permanently linked. But today's story is different. This time, it's the actual Russian government that's tied to hacking here in the U.S.
Silicon Valley security company FireEye isn't just accusing a gang of Russian hackers in its latest report - it's set sights squarely on the Russian government itself. Along with reports from Google and other assorted intelligence agencies, these reports are starting to sound pretty reliable.
I know that I've often referred to hackers as "gangs," but these security companies indicate that some of these groups might be much more dangerous than a simple "gang." The company discovered a spy tool that is suspected to have originated in Russia called "Sofacy."
The group behind Sofacy has been active since at least 2007, according to FireEye, and has targeted government networks in the Caucasus, Eastern Europe, U.S. defense contractors and NATO.
Not only that, but even the group's minor hacks have a certain amount of, well, spycraft in them. More than you'd see from a typical hacker, that's for sure.
I'll walk you through why the researchers believe these hackers to be after more than just a payoff:
- Hackers worked on the code for Sofacy between the hours of 8 a.m. and 6 p.m. local time for Moscow and St. Petersburg.
- The malware had pre-packaged countermeasures to throw investigators off the trail. After stealing data, Sofacy would encrypt and export it similarly to a victim's email traffic.
- The Sofacy malware has been updated constantly over the past seven years.
All of the evidence indicates that these hackers aren't shadowy criminals, they're computer science majors with white collar jobs. They keep regular hours, build a strong product and make sure that Sofacy stays up to date.
So what are these hackers trying to steal? In its report, Fire Eye writes, "(Sofacy) has been targeting privileged information related to governments, militaries and security organizations that would likely benefit the Russian government."
While the FBI director compared Chinese hackers to "drunks," this dangerous Russian computer espionage team could pose a much more dangerous threat.