MOSCOW (Reuters) - Russia and the United States are gradually starting to resume cooperation on cyber security, TASS news agency cited the head of Russia’s FSB Federal Security Service as saying on Thursday.
Russia’s bilateral relations with the United States are at post-Cold War lows, strained by an array of issues including U.S. allegations that Russia meddled in the U.S. 2016 presidential election.
“...we are restoring these (cyber security) relations,” FSB chief Alexander Bortnikov said.
Huh. You'd think that wouldn't happen, in light of this:
The FBI has warned that “the threat” to U.S. election security “from nation-state actors remains a persistent concern,” that it is “working aggressively” to uncover and stop, and the U.S. Director of National Intelligence has appointed an election threats executive, explaining that election security is now “a top priority for the intelligence community—which must bring the strongest level of support to this critical issue.”
With this in mind, a new report from cybersecurity powerhouse Check Point makes for sobering reading. “It is unequivocally clear to us,” the firm warns, “that the Russians invested a significant amount of money and effort in the first half of this year to build large-scale espionage capabilities. Given the timing, the unique operational security design, and sheer volume of resource investment seen, Check Point believes we may see such an attack carried out near the 2020 U.S. Elections.”
None of which is new—it would be more surprising if there wasn’t an attack of some sort, to some level. What is new, though, is Check Point’s unveiling of the sheer scale of Russia’s cyberattack machine, the way it is organised, the staggering investment required. And the most chilling finding is that Russia has built its ecosystem to ensure resilience, with cost no object. It has formed a fire-walled structure designed to attack in waves. Check Point believes this has been a decade or more in the making and now makes concerted Russian attacks on the U.S. “almost impossible” to defend against.
The Cozy Bear hacking group – also known as APT29 – is believed to be associated with the Russian intelligence service and, alongside Russian military hacking group Fancy Bear, was involved in a number of high profile attacks between 2014 and 2017.
In the time since then, Cozy Bear appeared to go quiet, but now cyber security analysts at ESET have detailed how the group – which they refer to as Dukes – have continued their activity while attempting to staying under the radar.
The newly uncovered campaign – dubbed Operation Ghost by researchers – started in 2013 and continued into 2019, meaning the group never stopped its espionage activity.
In attacks using four new families of malware, Cozy Bear has targeted at ministries of foreign affairs in at least three different countries in Europe, as well as the US embassy of a European Union country in Washington DC.
I'll say it again: Read "Mindf*ck: Cambridge Analytica and the Plot to Break America" and you'll understand what happened, how they did it, and who was behind it. I saw some people on social media today, making fun of people who are so stupid, they're influenced by Facebook ads. Read this -- it was so much more than that.