US says Russian state hackers lurked in defense contractor networks for months

Cartoon padlock and broken glass superimposed on a Russian flag.

Enlarge / What’s happened to Russia’s flag? (credit: Sean Gladwell / Getty Images)

joint advisory by the FBI, National Security Agency, and the Cybersecurity and Infrastructure Security Agency. The hackers have been targeting and successfully hacking cleared defense contractors, or CDCs, which support contracts for the US Department of Defense and intelligence community.

“Persistent access,” “significant insight”

“During this two-year period, these actors have maintained persistent access to multiple CDC networks, in some cases for at least six months,” officials wrote in the advisory. “In instances when the actors have successfully obtained access, the FBI, NSA, and CISA have noted regular and recurring exfiation of emails and data. For example, during a compromise in 2021, threat actors exfiated hundreds of documents related to the company’s products, relationships with other countries, and internal personnel and legal matters.”

Read 8 remaining paragraphs | Comments