

Ask Western cybersecurity intelligence analysts who their "favorite" group of foreign state-sponsored hackers is, the adversary they can't help but grudgingly admire and obsessively study, and most won't name any of the multitudes of hacking groups working on behalf of China or North Korea. Not China's APT41, with its brazen sprees of supply chain attacks, nor the North Korean Lazarus hackers who pull off massive cryptocurrency heists. Most won't even point to Russia's notorious Sandworm hacker group, despite the military unit's unprecedented blackout cyberattacks against power grids or destructive self-replicating code. Instead, connoisseurs of computer intrusion tend to name a far more subtle team of cyberspies that, in various forms, has silently penetrated networks across the West for far longer than any other: a group known as Turla.

Last week, the US Justice Department and the FBI announced that they had dismantled an operation by Turla (also known by names like Venomous Bear and Waterbug) that had infected computers in more than 50 countries with a piece of malware known as Snake, which the US agencies described as the "premier espionage tool" of Russia's FSB intelligence agency. By infiltrating Turla's network of hacked machines and sending the malware a command to delete itself, the US government dealt a serious setback to Turla's global spying campaigns.

From early on, counterintelligence analysts believed that the hackers were Russian in origin, based on their real-time monitoring of the hacking campaign and the types of documents they targeted, says Bob Gourley, a former US Defense Department intelligence officer who worked on the investigation. Gourley says that it was the hackers’ apparent organization and persistence that made the most lasting impression on him. “They’d reach a wall, and then someone with different skills and patterns would take over and break through that wall,” Gourley says. This was a well-resourced, state-sponsored organization. It was the first time, really, where a nation-state was doing this.”
