Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

US busts Russian cyber operation in dozens of countries

The Justice Department says it has disrupted a long-running Russian cyberespionage campaign that stole sensitive information from computer networks in dozens of countries, including the U.S. and other NATO members

Eric Tucker
Tuesday 09 May 2023 11:43 EDT
APTOPIX Russia Victory Day Parade
APTOPIX Russia Victory Day Parade (Copyright 2023 The Associated Press. All rights reserved)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Justice Department said Tuesday that it had disrupted a long-running Russian cyberespionage campaign that stole sensitive information from computer networks in dozens of countries, including the U.S. and other NATO members.

Prosecutors linked the spying operation to a unit of Russia's Federal Security Service, or FSB, and accused the hackers of stealing documents from hundreds of computer systems belonging to governments of NATO members, an unidentified journalist for a U.S. news organization who reported on Russia, and other select targets of interest to the Kremlin.

“For 20 years, the FSB has relied on the Snake malware to conduct cyberespionage against the United States and our allies — that ends today,” Assistant Attorney General Matthew Olsen, the head of the Justice Department’s National Security Division, said in a statement.

The specific targets were not named in court papers, but U.S. officials described the espionage campaign as “consequential,” having successfully exfiltrated sensitive documents from NATO countries and also targeted U.S. government agencies and others in the U.S.

The Russian operation relied on the malicious software known as Snake to infect computers, with hackers operating from what the Justice Department said was a known FSB facility in Ryazan, Russia.

U.S. officials said they'd been investigating Snake for about a decade and came to regard it as the most sophisticated malware implant relied on by the Russian government for espionage campaigns. They said Turla, the FSB unit believed responsible for the malware, had refined and revised it multiple times as a way to avoid being shut down.

The Justice Department, using a warrant this week from a federal judge in Brooklyn, launched what it said was a high-tech operation using a specialized tool called Perseus that caused the malware to effectively self-destruct. Federal officials said they were confident that, based on the impact of its operation this week, the FSB would not be able to reconstitute the malware implant.

______

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in