Advertisement

NSA warns of ongoing 'brute force' cyberattacks by Russia

July 1 (UPI) -- The National Security Agency on Thursday detailed ways in which the Russian government has used "brute force" tactics to hack into U.S. and foreign networks to steal data.

The advisory says Russian military intelligence agencies targeted multiple government and private sector victims starting in mid-2019 "and likely ongoing." The NSA blamed the Russian General Staff Main Intelligence Directorate and the Main Special Service Center, known in Russia as GRU and GTsSS, respectively, for the cyberactivity.

Advertisement

"Malicious cyber actors use brute force techniques to discover valid credentials often through extensive login attempts, sometimes with previously leaked usernames and passwords or by guessing with variations of the most common passwords," a release announcing the advisory said. "While the brute force technique is not new, the GTsSS uniquely leveraged software containers to easily scale its brute force attempts."

The NSA said once the hackers accessed networks, they collected a variety of data, including information from mailboxes. The advisory also said the actors were able to evade defense systems in the networks and that efforts were "almost certainly ongoing."

Among the targets -- centered mostly in the United States and Europe -- are government and military agencies, defense contractors, energy companies, higher education institutions, logistics companies, law firms, media companies, political consultants, political parties and think tanks.

Advertisement

The advisory called for systems administrators to mitigate the efforts, including implementing multi-factor authentication.

The NSA partnered with the Cybersecurity and Infrastructure Security Agency, the FBI and Britain's National Cyber Security Center to produce the advisory.

Latest Headlines