
Russian security agents have been using a secret network of corrupted computers to spy on NATO for decades, but the US just busted it open, feds say

May 10, 2023, 02:51 IST
Business Insider
A view shows decorations installed ahead of Victory Day, marking the anniversary of the victory over Nazi Germany in World War Two, in front of the Federal Security Service (FSB) building on Lubyanka Square in Moscow, Russia May 8, 2023. REUTERS/Maxim Shemetov
  • US authorities have busted open a secret computer network run by Russian security agents.
  • The network is around 20 years old and has targeted the US and its NATO allies, officials said.

US authorities cracked open a secret network of compromised computers that Russian security agents built and have been using to spy on NATO members for years, the Justice Department revealed on Tuesday.

The FBI managed to disrupt a global network of computers that had been compromised by a "sophisticated malware" known as "Snake," the Justice Department said in a statement. To do this, the agency carried out a court-authorized operation to disable Snake on compromised computers by using a tool that instructed the malware to destroy itself.

For nearly two decades, a unit within Russia's Federal Security Service (FSB) — successor to the Soviet-era KGB — has used Snake to target and steal sensitive documents from computer systems in dozens of countries across the world, including NATO members, the Justice Department said.

"We consider Snake to be the most sophisticated cyber espionage tool in the FSB's arsenal," the Cybersecurity and Infrastructure Security Agency (CISA) said in an advisory on Tuesday. "Globally, the FSB has used Snake to collect sensitive intelligence from high-priority targets, such as government networks, research facilities, and journalists."

CISA detailed one specific case where FSB agents managed to use Snake to "access and exfiltrate sensitive international relations documents, as well as other diplomatic communications" through a victim in an unspecified NATO country. Within the US, the FSB has "victimized" several sectors, including government facilities, critical manufacturing, financial services, education, media organizations, and small businesses, the advisory said.


According to an FBI affidavit, the agency worked with US intelligence partners and foreign governments to investigate how Snake worked. The FSB used Snake to pull data from sensitive computer systems — including those run by NATO governments — and transmit the data through compromised systems in the US before it got transmitted back to Russia. Doing so made it difficult for victims to uncover how the network was connected.

Director of Russian Federal Security Service (FSB) Alexander Bortnikov attends a meeting of the service's collegium in Moscow, Russia, February 28, 2023. Sputnik/Gavriil Grigorov/Pool via REUTERS

Eventually, through its analysis of Snake, the FBI developed an ability to decode and decrypt Snake's communications, the Justice Department said. The FBI then created a tool called Perseus, which could communicate with Snake on a specific system and use commands to force the malware to essentially self-destruct.

"Russian government actors have used this tool for years for intelligence collection," said Rob Joyce, the National Security Agency's director of cybersecurity, in a statement. "Snake infrastructure has spread around the world. The technical details will help many organizations find and shut down the malware globally."

Top Justice Department officials praised the FBI's ability to neutralize the FSB's network.

"The Justice Department, together with our international partners, has dismantled a global network of malware-infected computers that the Russian government has used for nearly two decades to conduct cyber-espionage, including against our NATO allies," Attorney General Merrick Garland said in a statement.


"We will continue to strengthen our collective defenses against the Russian regime's destabilizing efforts to undermine the security of the United States and our allies," he continued.
