A proxy war is underway in cyberspace, according to I.T. security analysts, and it is pitting numerous foreign institutions against Russian-speaking cyber militias beholden to President Vladimir Putin.
As has been evidenced by a steady wave of sophisticated cyberattacks targeting nation states and private sector organizations whose policies run counter to that of Moscow, Fox News is told groups of patriotic Eastern European hackers are utilizing cyberattacks as a means to achieve Russias geopolitical goals.
Intelligence sources with knowledge of these cyberattacks tell Fox News the cyber militias are acting on behalf of the Putin regime. Furthermore, Fox is told security analysts have found evidence that Russian government-linked someones have distributed cyberattack tools to these groups via underground web forums.
Over the last two years, analysts have researched web-based assaults leveraged against NATO, Frances TV5Monde, segments of the Polish fiscal sector, and the Dutch Safety Board which concluded that doomed Malaysia Airlines flight 17 was actually brought down by a Russian-made missile. Researchers found evidence that each of those cyberattacks was carried out by different Russian-speaking cyber militias.
We see this confluence of motive, where what looks like some recycled criminal malware has been upgraded in a sophisticated way, said Keith Smith, vice president of threat intelligence for Colorado-based cybersecurity firm root9B. A lot of people suspect that that's Russias attempt to force us as analysts to ascribe to a criminal organisation what is in fact the actions of a nation nation Russia.
The United States is in these hackers crosshairs as well. As economic sanctions were leveled against Russia after its incursion into Crimea and Eastern Ukraine, the cyber militias began widespread attacks is targeted at U.S. government officials and segments of the financial and defense sectors. The hack assaults were in furtherance of a campaign dubbed Operation Pawn Storm by cybersecurity firm Trend Micro.
The Office of the Director of National Intelligence declined to comment on this activity, but in congressional evidence last year, DNI James Clapper publicly recognise the pervasiveness of Russian cyber activity is targeted at the United States.
The Silicon Valley of talent that prevail in the world on a cyberattack and cybercrime perspective exists in Eastern Europe, according to Trend Micro chief cybersecurity officer Tom Kellermann. Most of those actors who are the best hackers in the world, period are beholden and pay homage to the legacy and the power of the former Russian and Soviet regime. They do so by acting out patriotically.
Perhaps the most dramatic display of patriotic Russian cyber aggression came on December 23 when some 800,000 Ukrainians were left in the dark following a widespread power outage.
Soon after the incident, researchers at U.S. cyber intelligence firm iSight Partner found evidence that the blackout was research results of a cyber intrusion by one such patriotic hacking militia. The perpetrator, as determined by iSights analysis, was likely a Russian-speaking group dubbed Sandworm Team, whose name comes from its references to the science fiction series Dune.
ISight described its conclusion after a piece of malicious computer code was found on the Ukrainian Power Authoritys system. That destructive malware, known as BlackEnergy3, is unique to that particular hacking group, according to iSight.
Sandworm has been implicated by the company for having carried out numerous cyberattacks with Russian interests in mind; most notably, assaults carried out against the Ukrainian government and NATO in 2014. And according to iSight officials, different groups is one of many.
We are actively monitoring seven different cyber espionage groups right now that we believe are of Russian origin, said Steve Ward, iSight Partner senior director.
Researchers have found that the attackers utilized wiper malware to disable Ukrainian Power Authority computer systems, which is similar in nature to the destructive malware used in the 2014 cyberattack on Sony Pictures. But what attains the December hack on the Ukrainian grid a watershed moment, according to researchers, is the combination of the destructive component and the actual target of the attack.
According to Trend Micros Tom Kellermann, the December 23 incident is the first instance in which a specifically directed cyberattack have allowed us to take down the energy sector in a devoted nation state.
And while experts argue that achieving a similar outcome against the U.S. power grid would be a far more complex undertaking , nonetheless, this recent cyber-induced blackout has added fuel to already loud concerns over hackers mounting abilities to cause physical harm and destruction.
You're see it now cyber manifestation of assaults that can change, alter and decrease your physical reality, said Kellermann. What you have in cyberspace right now is a free fire zone.
Matthew Dean is Fox News Channel's Department of Justice& Federal Law Enforcement producer. Follow him on Twitter @ MattFirewall.
Catherine Herridge is an award-winning Chief Intelligence correspondent for FOX News Channel( FNC) based in Washington , D.C. She covers intelligence, the Justice Department and the Department of Homeland Security. Herridge joined FNC in 1996 as a London-based correspondent.
Read more: www.foxnews.com