Russian Government ‘Condoned’ Cyber Attacks on West

Written by

The Putin administration has effectively given its blessing to cyber attacks on Western banks and retailers, according to Mandiant founder Kevin Mandia.

The former Pentagon man, whose firm exposed Shanghai-based PLA Unit 61398 last year as the source of prolific hacking activity, said Russia had stepped up its activity of late.

“The Russians are much more aggressive right now across the board – both government and criminal elements – and we’re having a tough time distinguishing between the two,” he told the Australian Financial Review from Canberra.

“It stretches credulity that Russian law enforcement and intelligence services, who monitor a hell of a lot of what their people do online, are not aware of what Russian hackers are doing,” he added, saying that he was “certain the Russian government was condoning the compromises.”

Just a fortnight ago, Mandiant company FireEye released a new intelligence report detailing the activities of APT28. This new state-sponsored group has apparently been in operation since 2007 and is focused on geopolitical targets like Eastern European governments and NATO that betray Moscow’s hand.

Russian hackers are also thought to be behind the BlackEnergy attacks on US industrial control systems outlined by the ICS-CERT a fortnight ago.

Chris McIntosh, CEO of comms firm ViaSat UK, argued that the threat to CNI has grown as more systems become internet connected.

“The most effective approach now that the threat has been detected is to assume all IT security measures have already been compromised and working backwards on this basis,” he added.

“This forms part of a holistic approach to ensure that information is secure from point to point; that workers have peace of mind that they are not putting the organization, themselves or customers at threat and that organizations can be confident that their IT risks have been mitigated.”

News has also emerged that the Russian defense ministry may be throwing up to $500 million at a recruitment drive for a new division of the army focused on cyber threats.

Dan Holden, director of ASERT at Arbor Networks, claimed the news is to be expected, given the expansion of US capability in this area.

“France and other NATO countries have also announced and have been investing in these so called ‘cyber armies’,” he added.

“North Korea and Iran, both with significant sanctions against them, have also built up cyber forces. As we’ve seen for years now the geo-politics worldwide are now reflected in the cyber realm and Russia, like others, is modernizing to reflect this new reality.”

What’s hot on Infosecurity Magazine?