Russians Hack Ukrainian Gas Company – Experts Comments

Russian military hackers have been boring into the Ukrainian gas company, Burisma, at the centre of the Trump impeachment affair, according to security experts.

The hacking attempts against Burisma, on whose board Hunter Biden (Joe Biden’s son) served, began in early November, as talk of the Bidens, Ukraine and impeachment was dominating the news in the United States.

It is not yet clear what the hackers found, or precisely what they were searching for. But the experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens — the same kind of information that Mr. Trump wanted from Ukraine when he pressed for an investigation of the Bidens and Burisma, setting off a chain of events that led to his impeachment.

Then, as now, the Russian hackers from a military intelligence unit known formerly as the G.R.U., and to private researchers by the alias “Fancy Bear,” used so-called phishing emails that appear designed to steal usernames and passwords, according to Area 1, the Silicon Valley security firm that detected the hacking.

Subscribe
Notify of
guest

2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Andrea Carcano
Andrea Carcano , Co-founder and CPO
InfoSec Expert
January 16, 2020 12:18 pm

This is just another example of the rise in cyberattacks to critical infrastructure. A reminder that these types of threats are real and need to be addressed with pro-active participation from both the public and private sector. Nation-state attackers will continue to employ innovative or original tactics to gain access to systems, so industrial operators must be equally capable of catching these attacks from the start.

Critical infrastructure organizations including energy, transportation, water, manufacturing, and others that support everyday life, should be particularly vigilant with respect to their standard cyber security practices for operational assets, especially in these unsure geopolitical times. It is necessary to leverage security tools that provide broad operational visibility, continual network monitoring, and detection of system anomalies. The current situation demands renewed scrutiny around unusual activity, and immediate investigation of possible incidents.

Last edited 2 years ago by Andrea Carcano
Rosa Smothers
Rosa Smothers , SVP of Cyber Operations
InfoSec Expert
January 16, 2020 12:16 pm

Phishing is the go-to methodology for the Russian services to obtain a user\’s credentials and gain access to the broader target network. This put not only Burisma Holdings at risk but their subsidiaries and their vendors as well. Like any fairly sophisticated and organised hacking campaign, they also ran multiple domains that were just similar enough to legitimate Burisma domains that they went unnoticed by users. At the end of the day, the story here is one of ongoing and escalating social engineering efforts by the Russians against their targets of interest – which is why we should expect and plan for such activities during our upcoming election cycle.

Last edited 2 years ago by Rosa Smothers
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x