For more than a decade, a unique bit of malicious computer code was burrowed in the deepest corners of Internet servers in more than 50 countries, secretly gathering data and even records of what a person might be typing on a keyboard. Important information was extracted and covertly sent via a network of other infected computers, hiding its tracks from easy detection, back to the code's creators.

Called various names - Snake, Uroburos, Venomous Bear - the malware was suspected in a damaging hack of Germany's Foreign Ministry in 2017. NATO computers were reportedly compromised. The personal computer of a journalist who worked for a U.S. news organization and reported on the Russian government was reportedly targeted.

This week, authorities in the United States, Britain, Canada, and two other countries announced they had effectively unplugged the malware, disrupting a powerful surveillance tool that, they said, had been developed by Center 16, a cutting-edge cyber-unit of Russia's main intelligence agency, the Federal Security Service (FSB).

Snake was "the most sophisticated cyber-espionage tool designed and used by Center 16 of Russia's Federal Security Service for long-term intelligence collection on sensitive targets," the U.S.

The developers of the malware "were really good," said Paul Rascagneres, an IT security researcher who was among the first to identify Snake in 2014. "The design and the malware architecture was extremely advanced, with security bypasses that were not documented at this time. It was serious code developed by a serious team."

Adam Meyers, head of intelligence at the U.S. cybersecurity company CrowdStrike, says the decision by the U.S. government and partner agencies in the other countries to release so much information on the FSB unit, as well as arcane details of the code and programming behind the malware, was meant to send a message.

"What it represents is the government is taking a more proactive stance on this stuff... which has been around for more than a decade," Meyers said. "It's a signal to the Russian government, to the Russian intelligence services, and to say, 'We see you and we know what you're doing, and if it suits us, we will disrupt you at the time and place of our choosing.'"

In court filings unsealed the same day as the announcement, the Justice Department said that the espionage campaign was "very consequential," and that the hackers had stolen sensitive documents from NATO countries.

'Inside Jokes, Personal Interests, And Taunts'

The FSB had no comment on the allegations.

Russia's intelligence and security agencies have overlapping, sometimes competing cyber-operations. Some of the most destructive known cyberweapons - Sandworm and NotPetya, for example - have been developed by Russia's military intelligence agency, known as the GRU. That agency, and another called the Foreign Intelligence Service (SVR), has been accused in the hacking of U.S.

The first, Center 18, or the Center for Information Security, was roiled by a major treason scandal in 2019. The other is Center 16, formally known as the Center for Radio-Electronic Intelligence by Means of Communication, or Military Unit 71330, which oversees the FSB's signals intelligence capabilities, including intercepting communications, decryption, and data processing.

According to an FBI affidavit unsealed on May 9, Snake was first developed in 2003 or 2004 by Center 16, and early versions included an image of an ancient symbol called an Uroboros - also spelled Ouroboros - in which a dragon or snake is shown eating its own tail. Some of the code also included the string "Ur0bUr()sGoTyOu#" - in which the word "uroboros" is partly visible.

The FBI said it was identifying the FSB unit by the name Turla. "Snake has been a core component of this unit's operations for almost as long as Center 16 has been part of the FSB," the affidavit said.

"In terms of general persistent activity of this team/group/unit they have been probably the more active and professional one, in contrast to other operations employed by the military for example," Michael Sandee, a researcher with Fox-IT, a Dutch digital forensics company, said in an e-mail.