Study Finds Russia Behind Cyberattacks

     (CN) – A group of hackers known for using malware programs to break into government databases has been working for the Russian government since 2008, according to a report released Wednesday.
     The study conducted by the Finnish online privacy and security firm F-Secure says the cyberespionage group known as “the Dukes” is responsible for cyberattacks on Western governments, think tanks and other criminal organizations.
     The Dukes’ trail of cyberattacks began in 2008 through a malicious Adobe Acrobat file and targeted government agencies in Eastern Europe. The group is responsible for at least a dozen international incidents, the report said.
     “Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African and Middle Eastern governments; organizations associated with Chechen extremism; and Russian speakers engaged in the illicit trade of controlled substances and drugs,” the report stated.
     The 33-page report titled “The Dukes: Seven Years of Russian Cyberespionage” said the group busts into secure databases through a combination of “smash-and-grab” attacks and smaller, more stealthy intrusions. The Dukes use phishing emails to deploy malware programs onto their targets, and their arsenal has been studied by other malware researchers including the Palo Alto Research Center.
     F-Secure researchers discovered the Dukes’ Russian ties by noticing Russian error codes and the hackers’ pattern of operating during Moscow working hours. The report also says the group’s cyberattacks focus solely on targets of interest to the Russian government, including criminal organizations and ministries of defense.
     “We are confident in our conclusion that the Dukes’ primary mission is the collection of intelligence to support foreign and security policy decision-making,” the study said.
     In several instances the Dukes’ hacking methods have been uncovered by security agencies, but the group immediately resumes its cyberespionage without fear of retribution, according to the study.
     “This apparent disregard for publicity suggests, in our opinion, that the benefactors of the Dukes is so powerful and so tightly connected to the group that the Dukes are able to operate with no apparent fear of repercussions on getting caught. We believe the only benefactor with the power to offer such comprehensive protection would be the government of the nation from which the group operates.”
     Recent cyberattacks on the White House and the U.S. Department of State have been tied to similar malware programs used by the Dukes. In April, hackers were able to retrieve information about the President’s schedule and other nonclassified information.
     F-Secure’s report highlights how important it is for NATO and Western governments to improve cybersecurity in order to deal with highly funded Russian hacker groups such as the Dukes, said Patrik Maldre of the International Center for Defense and Security.
