
Russian cyberspies are snooping on western governments and NGOs


September 17, 2015


Security researchers have highlighted an ongoing hacking campaign by Russian cyberspies to snoop on western governments and NGOs.

The campaign is also targeting Georgia, using what is called 'Dukes' malware.

The so-called 'Dukes Group' of attackers employs a family of unique malware toolsets to steal information by infiltrating computer and server networks and siphoning off compromised data, while trying to avoid detection.

The group has been using malware toolkits to support Russian intelligence gathering dating back to at least 2008, according to Finnish security firm F-Secure.

Artturi Lehtio, F-Secure’s researcher heading the investigation, said that the new analysis strengthens some claims that the group is backed by Russia.

He added that the group is also working to support Russian intelligence gathering from at least two known sources, but without providing any names.

“The research details the connections between the malware and tactics used in these attacks to what we understand to be Russian resources and interests,” Lehtio explained.

Victims include the former Georgian Information Centre on NATO (now called the Information Centre on NATO and the EU), the Ministry of Defense in Georgia, and the ministries of foreign affairs in both Turkey and Uganda.

Other victims include government institutions and political think tanks in the United States, Europe and Central Asia.

“The various connections provide evidence that helps establish where the attacks originated from, what they were after, how they were executed, and what the objectives were in the first place. And all the signs point back to Russian state-sponsorship,” Lehtio added.

The Dukes group uses nine different variants of malware toolsets, and Lehtio’s discovery of two new variants allowed internet security researchers to make new connections between the group and the attacks.

It will be interesting to see what other ramifications (if any) will come up soon in this episode. We will keep you posted on these and other developments as they happen.

Source: F-Secure.
