For at least the past two years, Russian hackers have been targeting Pentagon-linked defense contractors and subcontractors to steal sensitive data and information, U.S. authorities revealed this week.
In a joint alert published Wednesday, members of the U.S. intelligence community warned that they had observed “regular targeting” of U.S.-cleared defense contractors of varying sizes, going all the way back to January of 2020. These hackers have employed basic but effective hacking techniques, officials said, including spear phishing, brute force attacks, credential harvesting, and other typical intrusion techniques.
The goal of the hacking campaigns appears to have been to acquire “sensitive information” about things like U.S. weapons and missile development, intelligence, surveillance, and reconnaissance capabilities, vehicle and aircraft design, and command, control, and communications systems, officials said.
As such, it’s yet another unfortunate cyber-espionage episode to hit the U.S.—an occurrence that seems to becoming more and more regular. Several state-sponsored hacking controversies emerged last year, including the expansive SolarWinds hacking campaign, which is also said to have involved Russian state-sponsored actors.
From Wednesday’s alert, it sound like some fairly important information got swept up in the recent hacking campaign:
“The acquired information provides significant insight into U.S. weapons platforms development and deployment timelines, vehicle specifications, and plans for communications infrastructure and information technology. By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of U.S. intentions, and target potential sources for recruitment.”
Roughly translated, it sounds like the hackers got some pretty useful intel. It’s odd timing to release this information, since the U.S. and Russia are currently locked in an ugly diplomatic struggle over the political future of Ukraine. Amidst the squabble, the U.S. has warned that Russia may launch cyberattacks—not only at Ukraine, but also at U.S.-based entities.
