Seven-Year Cyberattack Campaign Linked to Russian Government, Researchers Say

September 18, 2015 12:40 pm


A group of Russian hackers linked to Moscow’s government has for seven years been targeting intelligence information from governments and organizations in the United States, Europe, and Asia, according to a new report from researchers at F-Secure.

The hacking group, named "The Dukes," employed nine "unique malware toolsets" to hack computer networks and steal data, two of which are new variants that allowed researchers to connect the group to the Russian government.

"The research details the connections between the malware and tactics used in these attacks to what we understand to be Russian resources and interests," said head researcher for the investigation Artturi Lehtiö. "These connections provide evidence that helps establish where the attacks originated from, what they were after, how they were executed, and what the objectives were. And all the signs point back to Russian state-sponsorship."

The group has been using hacking techniques to bolster Russian intelligence for at least seven years. The report specified targets including the former Georgian Information Center on NATO, the Ministry of Defense of Georgia, and the ministries of foreign affairs in Turkey and Uganda.

The Russian hackers also targeted Western political think tanks and government organizations.

Researcher Patrik Maldre described the report as shedding "new light on how heavily Russia has invested in offensive cyber capabilities, and demonstrate that those capabilities have become an important component in advancing its strategic interests."

"The report confirms the need for current and prospective NATO members to strengthen collective security by increasing cyber cooperation in order to avoid becoming victims of Russian information warfare, espionage, and subterfuge," Maldre said.

The report comes just a month after the Pentagon confirmed that Russia launched a "sophisticated cyber attack" on an unclassified email system used by the Joint Chiefs of Staff. The attack affected about 4,000 military and civilian employees of the Joint Chiefs of Staff, including Chairman Gen. Martin Dempsey.
