Great Britain

Russian intelligence poses new cyber attack threat, UK and US security agencies say

Russian intelligence has been accused by America and Britain of carrying out cyber attacks using new techniques, after it was exposed for hacking of targets ranging from Covid vaccine supply chains to the US agency safeguarding its nuclear stockpile.

The Russian foreign intelligence service, SVR, was blamed for the cyber attacks last year, described as the worst ever in the US, with seven other countries, including the UK, also affected.

Now the FBI and the NSA (National Security Agency) in the US, and NCSC (National Cyber Security Centre) in the UK has warned that “ SVR cyber operators” have reacted to previous investigations by changing their “TTP [tactics, techniques and procedures] in an attempt to avoid further detection and remediation efforts by network defenders.” The group has also been observed making use of numerous vulnerabilities, the security agencies said in a report.

The report added that “these changes included the deployment of the open-source tool Sliver in an attempt to maintain their accesses.” As in previous operations, the SVR are said to be making use of clandestine hacking groups called Cozy Bear, the Dukes and APT 29.

Sliver is an open source red team framework used to perform security testing. Open source pen-testing tools, such as Sliver and Cobalt Strike, are used by a variety of hackers. Using these mean they do not need to develop bespoke tooling in order to penetrate target networks.

A security official said: “the  SVR actors have used these techniques to target a variety of organisations globally, including in the UK, US, EU and NATO countries. This includes, but is not necessarily limited to, government, diplomatic, think-tank, healthcare and energy targets.”   

Russian intelligence started changing its technique say the American and British agencies, after they,  along with Canada’s Communications Security Establishment (CSE),  revealed in July last year that the group APT29 has targeted organisations involved in Covid vaccine developments in the UK, US and Canada . 

They concluded that it was “highly likely with the intention of stealing information and intellectual property relating to the development and testing of Covid-19 vaccines.” The hacking group was “using custom malware known as ‘WellMess’ and ‘WellMail’ to target a number of organisations globally” said the agencies in a report. 

Political as well as security issues have surfaced in America following last year’s attack. Donald Trump, who allegedly benefitted from Kremlin interference to win the 2016 election, including the hacking of Democratic National Party computers and Hillary Clinton’s emails, made no comment.

President-elect Joe Biden, waiting for his inauguration declared in contrast: “I want to be clear, my administration will make cybersecurity a top priority at every level of government, and we will make dealing with this breach a top priority from the moment we take office.

Football news:

Smertin recalls Euro 2004: he almost fought in the joints, defended against the young Cristiano and understood the excitement of the Bridge
Gareth Southgate: We shouldn't be football snobs. In matches with top teams, diversity is important
Leonid Slutsky: I am still sure that the Finnish national team is the outsider of our group. They were very lucky against Denmark
I'm not a racist! Arnautovic apologized for insulting the players of the national team of North Macedonia
Gary Lineker: Mbappe is a world-class star, he will replace Ronaldo, but not Messi. Leo does things that others are not capable of
The Spanish fan has been going to the matches of the national team since 1979. He came to the Euro with the famous drum (he could have lost it during the lockdown)
Ronaldo removed the sponsored Coca-Cola at a press conference. Cristiano is strongly against sugar - does not even advertise it