NSA discloses hacking methods it says are used by Russia
WASHINGTON (AP) — U.S. and British agencies disclosed on Thursday details of "brute force" methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.
An advisory released by the U.S. National Security Agency describes attacks by operatives linked to the GRU, the Russian military intelligence agency, which has been previously tied to major cyberattacks abroad and efforts to disrupt the 2016 and 2020 American elections.
In a statement, NSA Cybersecurity Director Rob Joyce said the campaign was "likely ongoing, on a global scale."
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access. The advisory urges companies to adopt methods long urged by experts as common-sense cyber hygiene, including the use of multi-factor authentication and mandating strong passwords.
Issued during a devastating wave of ransomware attacks on governments and key infrastructure, the advisory does not disclose specific targets of the campaign or its presumed purpose, saying only that hackers have targeted hundreds of organizations worldwide.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid2019 through early this year.