Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Government Security United States

NSA Warns of Ongoing Russian Hacking Campaign Against US Systems (reuters.com) 25

The U.S. National Security Agency on Thursday warned government partners and private companies about a Russian hacking operation that uses a special intrusion technique to target operating systems often used by industrial firms to manage computer infrastructure. Reuters reports: "This is a vulnerability that is being actively exploited, that's why we're bringing this notification out," said Doug Cress, chief of the cybersecurity collaboration center and directorate at NSA. "We really want... the broader cybersecurity community to take this seriously." Cress declined to discuss which business sectors had been most affected, how many organizations were compromised using the Russian technique, or whether the cyber espionage operation targeted a specific geographic region.

The NSA said the hacking activity was tied directly to a specific unit within Russia's Main Intelligence Directorate, also known as the GRU, named the Main Center for Special Technologies. The cybersecurity research community refers to this same hacking group as "Sandworm," and has previously connected it to disruptive cyberattacks against Ukrainian electric production facilities. A security alert published by the NSA on Thursday explains how hackers with GRU, Russia's military intelligence, are leveraging a software vulnerability in Exim, a mail transfer agent common on Unix-based operating systems, such as Linux. The vulnerability was patched last year, but some users have not updated their systems to close the security gap.

This discussion has been archived. No new comments can be posted.

NSA Warns of Ongoing Russian Hacking Campaign Against US Systems

Comments Filter:
  • Hackers hacking. At least something's still fucking normal in the world.
    • by NFN_NLN ( 633283 )

      Maybe they're white hat hackers. Breaking into your system to apply patches. :)

      • by rtb61 ( 674572 )

        Nah, hackers from all over the world, hosting their hacking servers in Russia and never ever attacking Russian assets because you know. No treaty, no agreements, no attempt to go through proper channels and surprise, surprise, surprise, nothing happens just more political theatre.

  • Putin is also hacking the Russian elections.
    • No, he isn't. He's writing the specifications for them and him winning is part of the expected functionality. No "hacking" involved, it is all by design.

    • Huh? Why would he? There's no need to hack a system you are already root on.

      • Huh? Why would he? There's no need to hack a system you are already root on.

        Ah, but once he had to revert back to luser. So he hacked sudo, which allowed him instantiate root privileges as needed. Poot eventually regained root, though, but this time he added the sticky bit.

  • Was there ever a time in history when foreign governments weren't attempting to hack US systems? It's time to worry when they stop.

  • NSA representative warns about Russia spying.... meanwhile the US has been spying on virtually the entire planet for decades. And its not just the US that behaves in this hypocritical way... Russia, China, UK and many others too. Governments violate the privacy of citizens in other countries.. then cry persecution when other countries do it to them. And its not even a left/right thing -- both sides of the ideological aisle support mass surveillance. Spoiled children behave better -- and these are our supp
    • Well, it is not hypocrisy as long as they don't make value judgements, but just point out the risks and give technical advice on improving security.

      The incessant whining of the US government that funds them and is actually using them to spy, on the other hand...

      Works in reverse, too.

  • Would it have killed them to mention in the summary that it is a security bug in Exim and that a fix has been available for a long time? You know, the five W's, who what when why and where or how?

    Who? Russians
    What? Hacking exim, a popular email server for internet sites
    When? Right now
    Why? We can't say because we are the NSA
    Where or how? In the USA

Whoever dies with the most toys wins.

Working...