The A-Team of Kremlin Hackers Is Back, and That’s Bad News for the Rest of Us

The feds say the Treasury and Commerce departments have been breached by hackers leveraging a backdoor planted in a popular network monitoring app. The U.S. is pointing at Moscow as the likely culprit behind the break-ins. But they’re not pointing at the loud, aggressive, and troll-happy military hackers we’ve come to know in the years since they meddled in the 2016 election.

Instead, U.S. officials have told reporters that a stealthier, more sophisticated crew—the A-Team of Kremlin hacking—is to blame, potentially signaling a return to the kind of high-profile break-ins that the group became notorious for in 2015.

These officials say hackers from Russia’s Foreign Intelligence Service, referred to as “Cozy Bear” or APT 29, are now the top suspects for a breach in the SolarWinds Orion software, which has governments and corporations around the world scouring their networks for signs of intrusion.

“This looks like a very well executed and careful operation but at the moment it is too early to say what the scale of the compromise is,” said Matt Tait, a former information security specialist for the U.K.’s signals intelligence agency, GCHQ. “Hopefully as anti-virus vendors, and Microsoft in particular, start looking for signs of intrusion at scale we’ll have a much better picture of how severe and extensive the operation actually went.”
