Internet Security

Russian Cyber Spying: Russian Cyber Attackers Used Two Unknown Flaws

Written by prodigitalweb

Russian Cyber Spying Campaign – Diplomatic Targets in U.S.

A widely reported Russian cyber spying campaign against diplomatic targets in the United States and other places has reportedly been using previously unknown flaws in software to enter target machines.

The spying scheme was detected by U.S. cyber-security firm FireEye Inc. and had targeted an agency of an overseas government that was in discussions with the U.S. regarding sanctions policy. However, the attack was stopped before the group could extract any data, the company disclosed in a blog post.

FireEye Inc., a prominent U.S. security company that is investigating the matter, said that the spying effort took advantage of holes in Adobe Systems Inc.’s Flash software, which is used to view active content, and in Microsoft Corp.’s globally used Windows operating system.

Other firms have reportedly connected the campaign to a serious breach of U.S. State Department computers. The same hackers are also believed to have broken into White House machines that held unclassified but sensitive information, such as the president’s travel schedule.

FireEye has been supporting the agencies investigating the attacks but has declined to comment on whether the spies are the same ones who entered the White House, since that information would be classified.

FireEye – Solution for Security Weakness

FireEye stated that Adobe had provided a fix for the security weakness to protect users running the most current versions.

The Microsoft issue is less dangerous because it involves gaining increased powers on a computer beyond those of an ordinary user. A spokesman said the company was working on a patch.

In October, FireEye had indicated that the group, called Advanced Persistent Threat 28 (APT28), had been at work since 2007 and had targeted U.S. defense attachés as well as military contractors, NATO alliance offices and government officials in Georgia and other countries of special interest to the Kremlin. Several days prior to that report, security firm Trend Micro Inc. had described a campaign known as “Pawn Storm” against computers in the State Department, Russian protesters, NATO and other Eastern European nations.

Because APT28 and Pawn Storm used some of the same tools and hit the same targets, other information security professionals concluded that they were the same hackers.

Pawn Storm Hackers – Increased their Activity

Zero-day weaknesses are highly sought after by hackers because they are vulnerabilities that have not previously been detected, and hence there is no immediate defense.

According to FireEye’s October report, APT28’s targets have included the North Atlantic Treaty Organization’s special operations headquarters, the governments of Poland and Hungary, and the ministries of defense and internal affairs in Georgia, which fought with Russia in 2008.

Trend Micro recently reported that the Pawn Storm hackers had increased their activity and had targeted a blogger who had interviewed President Barack Obama. It also disclosed that the group could have stolen the online credentials of a military correspondent at an unnamed major U.S. newspaper.

Though the security flaws that were used by APT28 were new, the group was considered to be highly skilled. The latest reports seem to have been issued by rival firms ahead of the RSA Conference, the largest annual technology security gathering in the country, which takes place soon in San Francisco.


