Russian Hackers Target NATO And Eastern European Militaries, Google Says

Topline

Russian hackers accused of targeting U.S. and Ukrainian organizations have set their sights on the North Atlantic Treaty Organization and multiple Eastern European countries, Google’s Threat Analysis Group (TAG) said Wednesday, reinforcing U.S. officials’ warnings about Russian-based cyberattacks on global targets.

Key Facts

A Russian-based hacking group known as COLDRIVER or Callisto has targeted one of NATO’s Centres of Excellence military training organizations, as well as multiple unnamed Eastern European nations, Google said in a TAG blog Wednesday.

Google says these are the first observed attempts by COLDRIVER to target the NATO training center or the Eastern European countries.

The hackers attempted to carry out phishing campaigns, a type of cyberattack that seeks to steal user data like usernames, passwords or credit card information using email addresses that appear to belong to trusted entities.

Google said it is unsure whether the attacks were successful, as the hackers targeted non-Google email addresses using new Gmail accounts, but it has not spotted any successful phishing attacks on Gmail accounts during these campaigns.

COLDRIVER has also attempted phishing attacks against multiple unnamed U.S.-based non-governmental organizations, a Ukrainian defense contractor and the military of an unnamed Balkan country, Google said.

What We Don’t Know

It is unclear if COLDRIVER is backed by the Russian government.

Key Background

Officials have cautioned U.S.-based companies to be wary of Russian cyberattacks targeting critical infrastructure, as retaliation for the harsh sanctions imposed on Russia following its invasion of Ukraine. Russian hacking attempts are “very, very real—and current,” Bryan Vorndran, assistant director of the FBI’s cyber division, said before a House of Representatives panel Tuesday, according to Reuters. U.S. intelligence has detected Russian hackers scanning energy sector networks as a prelude to potential attacks, Vorndran cautioned. President Joe Biden warned of potential cyberattacks against U.S. targets by the Russian government last week, citing “evolving intelligence.” The U.S. also blamed the Russian government for cyberattacks that crashed the websites of Ukraine’s two largest banks a week before the invasion. The White House sent Anne Neuberger, the deputy national security adviser for cyber and emerging technology, to NATO to prepare allies for potential Russian cyberattacks on Ukraine and Europe nearly a month before Russia invaded.

Tangent

The Department of Justice unsealed indictments last week for Russian hackers who allegedly targeted energy companies and infrastructure worldwide between 2012 and 2018, causing a shutdown of a foreign refinery and compromising computers at a U.S. nuclear power plant. The DOJ said these cases, which were unrelated to Russia’s invasion of Ukraine, exemplify why the U.S. should be concerned about future hacking attempts.

Source: https://www.forbes.com/sites/masonbissada/2022/03/30/russian-hackers-target-nato-and-eastern-european-militaries-google-says/