Russian hackers are accused of infecting three Eastern European companies with malware
Hackers allegedly linked to Russian military intelligence are accused of infecting three energy and transport companies in Ukraine and Poland with sophisticated new malware, Reuters reports.
The claims: The companies, which have not been named, were infected with a new type of malicious software called GreyEnergy between 2015 and mid-2018, according to a researchers at Slovakian IT security firm ESET. They believe it was developed by the same group behind a series of high-profile cyberattacks on Ukraine in recent years, called Sandworm, using malware called BlackEnergy. “The important thing is that they are still active,” ESET researcher Robert Lipovsky told Reuters. “This shows that this very dangerous and persistent ‘threat actor’ is still active.”
Attribution: The UK’s spy agency GCHQ said this month that Sandworm and BlackEnergy are both names associated with the GRU, Russia’s military intelligence body (it has recently rebranded to GU). It’s an allegation that has been flatly denied by the Kremlin.
Diplomatic tensions: These claims come during a period of particularly poor relations between Russia and the West, in the aftermath of a nerve attack on former GRU officer Sergei Skripal in England that the UK alleges was carried out by Russian agents.
Deep Dive
Computing
Everything dies, including information
Digitization can help stem the tide of entropy, but it won’t stop it.
What’s next in cybersecurity
“When it comes to really cutting off ransomware from the source, I think we took a step back.”
Moving money in a digital world
Security is the critical element to expanding digital-first payments.
Cyber resilience melds data security and protection
Organizations face pervasive and sophisticated cyberattacks, but modern data protection techniques can provide a multifaceted defense.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.