Russian-backed hackers targeted US defense contractors to obtain sensitive information
The attacks date back to at least the start of 2020.
Starting as early as January 2020, Russian state-sponsored hackers have repeatedly targeted American defense contractors, according to the Cybersecurity and Infrastructure Agency (CISA). In an alert spotted by The Verge, the agency said on Wednesday that Russian-backed actors have spent the past two years targeting contractors with US security clearance. What's more, those activities allowed them to obtain sensitive information and export-controlled technologies, said CISA.
Those hackers cast a wide net, targeting companies with contracts involving weapons and missile development, as well as vehicle and aircraft design, among other sensitive areas of work for the Department of Defense. CISA makes no mention of those actors obtaining classified documents, but the agency notes they went after both large and small targets. Alongside the FBI and NSA, CISA anticipates Russian-backed hackers will continue to target defense contractors in the near future.
“The acquired information provides significant insight into US weapons platforms development and deployment timelines, vehicle specifications and plans for communications infrastructure and information technology,” said CISA. “By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of US intentions and target potential sources for recruitment.”
The advisory comes as tensions between the US and Russia continue to escalate over a potential invasion of Ukraine. In recent weeks, the country has faced multiple cyberattacks, with the most recent coming earlier this week. Ukraine’s defense ministry and two of its state-owned banks suffered denial-of-service attacks. The attacks weren’t directly attributed to Russian-backed actors, but the country blamed its neighbor last month for a campaign that hobbled dozens of government websites.