FBI, NSA Reveal Details Of Russia Hacking Capabilities In Rare Public Disclosure
Russian cyberespionage has been at the forefront of the public discourse since the Mueller investigation confirmed Moscow interfered in the 2016 presidential election. Now, in a rare bit of public disclosure, the National Security Agency and FBI have released a joint report on an advanced hacking tool employed by Russia, known as “Drovorub.”
The report released Thursday said Drovorub is employed by the Russian Main Intelligence Directorate to infiltrate computer systems running Linux, which commonly is employed in the U.S. in computer servers.
“Linux systems are used pervasively throughout National Security Systems, the Department of Defense and the Defense Industrial Base -- as well as the larger cybersecurity community writ large,” Keppel Wood, chief operations officer in the NSA’s Cybersecurity Directorate, said. “The malware has the potential to have a widespread impact if network defenders don’t take action against it. … NSA is sharing this information to counter the capabilities of the GRU GTsSS, which continues to threaten the United States and its allies.”
The level of detail in today's NSA/FBI advisory is truly stunning—my favorite thing so far: NSA casually reveals that Drovorub is the codename used by GRU itself (!), and even offers a step-by-step translation https://t.co/BrfhUMymra pic.twitter.com/nFuWcR7s9z
— Thomas Rid (@RidT) August 13, 2020
In the report, the agencies attributed Drovorub and its use to the 85th Main Special Service Center (GTsSS), unit 26165. This specific team of government hackers is believed to be the same unit that was able to hack into the Democratic National Committee in 2016 although the report did not specify any other organizations that might have been attacked with Drovorub.
“Drovorub is a ‘Swiss Army knife’ of capabilities that allows the attacker to perform many different functions, such as stealing files and remote-controlling the victim’s computer,” Steve Grobman, chief technology officer for McAfee, told Reuters.
The #FBI and @NSAGov have released a cybersecurity advisory about a malware known as Drovorub. Russia’s military intelligence unit created Drovorub to target customers who use Linux systems. https://t.co/1fHzqUV8HN pic.twitter.com/lTGq5XYdM5
— FBI (@FBI) August 13, 2020
“For the FBI, one of our priorities in cyberspace is not only to impose risk and consequences on cyberadversaries but also to empower our private sector, governmental and international partners through the timely, proactive sharing of information,” the FBI said in a tweet. “This joint advisory with our partners at NSA is an outstanding example of just that type of sharing.”
© Copyright IBTimes 2024. All rights reserved.
-
Panama Papers Law Firm Boss Ramon Fonseca Dead
-
Pandemic Agreement Talks Go To The Wire
-
Low-cost MRI Paired With AI Produces High-quality Results
-
School's Out: How Climate Change Threatens Education
-
Hong Kong Demands Online Platforms Remove Banned Protest Song
-
2023 'Year Of Record Climatic Hazards' In Latin America: UN
-
Crypto Community Buzzes As Grayscale Withdraws Ethereum Futures ETF Application
-
Mongolia's Wildlife At Risk From Overgrazing
-
Milking Venom From Australia's Deadly Marine Animals
-
TikTok Challenges Potential US Ban In Court
