The conflict between Russia and the US-led alliance is taking place on several fronts, and one of them is the Internet. With the right infrastructure and resources, you can use this network to access sensitive information and destabilize any rival nation. One of the most controversial chapters in this area happened in 2015. The American newspaper The Wall Street Journal reported that hackers associated with Russian intelligence managed to gain access to the network of the NSA (US National Security Agency).
The purpose of this attack was to steal several secret documents that described the protocols for the US response to threats on the Internet, as well as the strategy of the country, led by Barack Obama at the time, for accessing the computer networks of other countries. The Russian hackers were successful and managed to get hold of the American cybersecurity strategy. This chapter was very important, but before and after this event there were other similar chapters in which the protagonists were the world's major powers. The latest one is going on right now.
Russian group Midnight Blizzard launched an attack via Microsoft Teams
The Russian hackers recruited by the Midnight Blizzard group (also known as APT29 or Cozy Bear, among other names) are longtime acquaintances of Western intelligence agencies. The US and UK governments say these computer security experts are closely connected to Russian intelligence (specifically the foreign intelligence service and the federal security service). This group often resorts to large-scale phishing to gather up-to-date information from countries with interests that conflict with those of Russia, as well as from large corporations and non-governmental organizations.
Its “mode of action” is to obtain the user’s credentials by impersonating an official Microsoft technical service.
Its latest attack began at the end of last May and continues to this day. This has been confirmed by Microsoft, the owner of the tool the Russian hackers have used to infiltrate about 40 foreign organizations. Its working method consists of obtaining users' credentials under the guise of the official technical service of the Redmond company. Curiously, the hackers communicate with their victims via Microsoft Teams chat, which allows them to establish a relationship of trust to which some users at these organizations seem to have succumbed.
According to Reuters, the Russian embassy in Washington, DC (USA) has not yet issued an official statement, despite the fact that the media have addressed those responsible for this conflict. And the Russian government is certainly not going to admit responsibility for this attack, which Microsoft believes was devised by Midnight Blizzard. The Redmond company has published an article on its official blog in which it claims it is doing everything in its power to fight this attack and limit its impact.
In this post, the company also tells affected organizations what they should do to stay out of the reach of the Russian hackers and explains what signs indicate that their computer systems may have been compromised. At the current stage, it is unlikely that the onslaught of the great powers will finally subside. We will let you know when we have more reliable information.
Cover image: Tim Miroshnichenko
More information: Microsoft | Reuters