GRU working with Russian hacktivist groups

 GRU working with Russian hacktivist groups

Russian hacktivist groups appear to be working with the GRU, Russia’s military intelligence agency, as part of the war in Ukraine, evidence uncovered by researchers at Google-owned security company Mandiant has revealed.

Russian security forces are working closely with hacktivists, a new report suggests (Photo by DZMITRY SCHAKACHYKHIN/Shutterstock)

A new report from Mandiant, which was acquired by Google earlier this month, identifies three hacktivist groups – online vigilantes who seek to disrupt organizations for political purposes – that its analysts believe are actively working with the GRU to attack Ukraine’s allies.

The report, the findings of which were first published in the Wall Street Journal, says the current cybercrime situation in Russia is unprecedented. “We have never previously observed such a volume of cyberattacks, variety of threat actors, and coordination of effort within the same several months,” it says.

Is Russia’s GRU working with hacktivist groups?

Mandiant’s researchers have identified four occasions where cyberattacks carried out by the GRU appear to have been co-ordinated with hacktivist activity.

On each occasion, GRU-linked hackers have installed wiper software on the victim’s systems to disrupt networks and steal information. Within 24 hours of each attack, hacktivist groups were seen leaking data stolen in the attacks online.

The report identifies a trio of pro-Russia hacktivist gangs – XakNat Team, Infoccentr and CyberArmyofRussia_Reborn – as being involved in these incidents.

John Hultquist, vice president of intelligence analysis at Mandiant, said the groups “cannot be taken lightly”. I told the WSJ that their links with the GRU “are hard to ignore and they suggest the relationship isn’t incidental”.

Russia’s war in Ukraine and the return of hacktivism

Cybersecurity experts have suspected Russian hackers of working closely with the government since the war in Ukraine began. Several prominent hacking groups have come out in support of Vladimir Putin’s regime, and analysts say such public declarations of allegiance can help gangs curry favor with the Russian police.

Content from our partners
Unlocking the value of artificial intelligence and machine learning

Behind the priorities of tech and cybersecurity leaders

Corporate ransomware attacks: It's only a matter of when, not if

Hacktivists have also been coming to Ukraine’s aid. At the start of the war, Ukraine’s Minister of Digital Transformation Mykhailo Fedorov called on anyone with “digital talents” to join what he described as an “IT army”. A Telegram group set up for the initiative quickly gained more than 34,000 members, and this week it was reported that the IT army had stolen personal details of mercenaries recruited to take part in the war by the Wagner Private Military Company, a Russian organization.

While these actions can help the war effort, the unpredictability of hacktivists means they can inadvertently undermine other cybersecurity operations. Speaking at the CyberUK conference earlier this year, the NSA’s head of cybersecurity, Rob Joyce, said the IT Army were “trying to do the noble thing” but warned that their actions could be problematic for security services.

Source link

Related post