Russian Cyberthreat Expands to Defense Sector

News | Feb 7, 2018

An Associated Press investigation reveals that Russian hackers – the same ones who attacked the Democratic National Committee during the 2016 election – have targeted and tricked contract workers in the defense technology sector, gaining access to their email accounts.

AP:

The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities, the AP found.

(...)

"The programs that they appear to target and the people who work on those programs are some of the most forward-leaning, advanced technologies," said Charles Sowell, a former senior adviser to the U.S. Office of the Director of National Intelligence, who reviewed the list of names for the AP. "And if those programs are compromised in any way, then our competitive advantage and our defense is compromised."

"That's what's really scary," added Sowell, who was one of the hacking targets.

The hackers targeted mostly personal Gmail accounts.

Personal accounts can convey snippets of classified information, whether through carelessness or expediency. They also can lead to other more valuable targets or carry embarrassing personal details that can be used for blackmail or to recruit spies.

The AP says U.S. drone technology, space program advancements, and cloud-based services seem to be of particular interest to the Russians.

Fifteen of the targets identified by the AP worked on drones — the single largest group of weapons specialists.

Countries like Russia are racing to make better drones as the remote-control aircraft have moved to the forefront of modern warfare. They can fire missiles, hunt down adversaries, or secretly monitor targets for days — all while keeping human pilots safely behind computer controls.

(...)

The Russians also appeared eager to catch up in space, once an arena for Cold War competition in the race for the moon. They seemed to be carefully eyeing the X-37B, an American unmanned space plane that looks like a miniature shuttle but is shrouded in secrecy.

(...)

The hackers tried to get into the Gmail accounts of a cloud compliance officer at Palantir and a manager of cloud platform operations at SAP National Security Services, two companies that do extensive government work. Another target was at Mellanox Federal Systems, which helps the government with high-speed storage networks, data analysis and cloud computing. Its clients include the FBI and other intelligence agencies.

But in spite of all this information about ongoing Russian cyberthreats, U.S. officials seem to be lagging behind in figuring out how to respond. 

[O]f the 31 targets reached by the AP, just one got any warning from U.S. officials.

(...)

The Defense Security Service, which protects classified U.S. technology and trains industry in computer security, focuses on safeguarding corporate computer networks. "We simply have no insight into or oversight of anyone's personal email accounts or how they are protected or notified when something is amiss," spokeswoman Cynthia McGovern said in an email.

While Russia lacks the immediate resources to act on stolen defense information, that may not last long. 

Even successful hacks might not translate into new weapons for Russia, where the economy is weighed down by corruption and international sanctions.

However, experts say Russia, while still behind the U.S., has been making more advanced drones in recent years. Russian officials have recently been bragging as their increasingly sophisticated drones are spotted over war zones in Ukraine and Syria.

Full story: Russian hackers hunt hi-tech secrets, exploiting US weakness (AP)