West destroys Russia’s ‘Snake’ hacking tool
THE UK and its allies have destroyed Moscow’s “premier espionage tool”, it has been announced.
The UK’S National Cyber Security Centre, part of GCHQ, along with the FBI and security forces from New Zealand, Australia and Canada, revealed technical details about how they successfully dismantled the “Snake malware” implant.
The groups said yesterday they hoped to help organisations understand how Snake operates and suggest mitigations to help defend against the threat.
A senior FBI official told reporters: “We assess this to be their [Russia’s] premier espionage tool. Our ability to take it down, and then publicly provide network defenders with the ability to now defend their networks against it, we believe makes it untenable for the FSB [Russia’s Federal Security Service] to reconstitute after this operation.”
The malware and its variants have been a core component in Russian espionage operations for two decades.
The international spy agencies working on breaking the code identified Snake infrastructure in more than 50 countries across the world. America’s Cybersecurity and Infrastructure Security Agency stated that the implant has been used to collect sensitive information from specific targets, such as government networks, research facilities and journalists.
Paul Chichester, the National Cyber Security Centre director of operations, said: “The advisory lifts the lid on a highly sophisticated espionage tool used by Russian cyber actors.
“We strongly encourage organisations to read the technical information about Snake malware and implement the mitigations to help detect and defend against this advanced threat.”