August 7, 2019
MIT Technology Review reported that a Russian hacker group is linked to the Russian military intelligence agency GRU. GRU’s latest campaign is to use IoT technology like office printers connected to the internet, VOIP phone networks and even a video decoder, to penetrate corporate networks.
According to the article, the hackers going by names like Strontium, Fancy Bear, and APT28 are linked to several attacks that recently happened in Europe and North America. Microsoft’s Threat Intelligence Centre, which monitors installed machines and networks, came across Fancy Bear from April 2019.
MIT Technology Review reported that sometimes it is just a case of a high risk password like “Password” that enabled the hackers to access the networks.
On a blog, published by Microsoft, the company warns: “Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data.”
Microsoft issued 1,400 notifications of where it has observed Fancy Bear’s attacks. According to MIT Technology Review 20 percent of these were “global non-governmental organisations, think tanks, or politically affiliated organisations” and the remaining 80 percent were from “various sectors including government, technology, military, medicine, education, and engineering.”
Categories : Around the Industry