US Defense Info Accessed for 2 Yrs by Russian Hackers

Russian state-sponsored hackers have been targeting US defense contractors for at least two years and have acquired information on weapons, aircraft design, and combat communications systems.

According to the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA), the state-sponsored actors have targeted both large and small cleared defense contractors (CDCs) and subcontractors with varying levels of cybersecurity protocols and resources.

These CDCs support contracts for the US Department of Defense (DoD) and Intelligence Community, the agencies said in a statement late on Wednesday.

“Russian state-sponsored cyber actors have targeted US CDCs from at least January 2020, through February 2022. The actors leverage access to CDC networks to obtain sensitive data about US defence and intelligence programmes and capabilities,” said the CISA.

Compromised entities have included CDCs supporting the US Army, US Air Force, US Navy, US Space Force, and DoD and intelligence programs.

The threat actors have acquired unclassified CDC-proprietary and export-controlled information through these intrusions.

“This theft has granted the actors significant insight into US weapons platforms development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the US government and military,” the agencies warned.

Although many contract awards and descriptions are publicly accessible, program developments and internal company communications “remain sensitive”.

The threat actors maintained persistent access for at least six months in multiple instances.

“Although the actors have used a variety of malware to maintain persistence, the FBI, NSA, and CISA have also observed intrusions that did not rely on malware or other persistence mechanisms,” said the agencies.

In instances when the actors have successfully obtained access, the FBI, NSA, and CISA have noted regular and recurring exfiltration of emails and data.

For example, during a compromise in 2021, threat actors exfiltrated hundreds of documents related to the company’s products, relationships with other countries, and internal personnel and legal matters, the agencies mentioned.

The FBI, NSA, and CISA now urge all CDCs to investigate suspicious activity in their enterprise and cloud environments.
