NSA, FBI expose Russian intelligence hacking tool - report

  • World
  • Friday, 14 Aug 2020

FILE PHOTO: A projection of cyber code on a hooded man is pictured in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

(Reuters) - The U.S. National Security Agency and Federal Bureau of Investigation have exposed a sophisticated Russian hacking tool, they said on Thursday in a rare public report offering new insight on Russia's arsenal of digital weapons.

The NSA and FBI said that Russia's Main Intelligence Directorate, known as the GRU, was using a hacking tool code named "Drovorub" to break into Linux-based computers. Linux is an operating system commonly used across computer server infrastructure.

"Linux systems are used pervasively throughout National Security Systems, the Department of Defense, and the Defense Industrial Base - as well as the larger cybersecurity community writ large," Keppel Wood, chief operations officer in the NSA's Cybersecurity Directorate, told Reuters. "The malware has the potential to have a widespread impact if network defenders don’t take action against it."

The public call-out is unique, said a former Western intelligence official, because of the direct attribution offered by the U.S. agencies. The NSA and FBI connected Drovorub to a specific Russian intelligence team - the 85th Main Special Service Center (GTsSS), military unit 26165.

The GTsSS, the agencies said, is associated with the same hackers who broke into the Democratic National Committee in 2016.

“Drovorub is a ‘Swiss Army knife’ of capabilities that allows the attacker to perform many different functions, such as stealing files and remote-controlling the victim’s computer," said Steve Grobman, chief technology officer for cybersecurity company McAfee.

Thursday's highly technical, 45-page NSA/FBI report is the latest in a series of public call-outs by the U.S government aimed at Russian hacking operations ahead of the 2020 U.S. presidential election. The agencies did not say what types of organizations had been compromised by Drovorub.

"NSA is sharing this information to counter the capabilities of the GRU GTsSS, which continues to threaten the United States and its allies," said the NSA's Wood.

The FBI did not immediately respond to a request for comment.

(Reporting by Christopher Bing; Editing by Dan Grebler)

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In World

U.S. aid chief to travel to Ethiopia in diplomatic push on Tigray
Major protests swell in Guatemala as calls grow louder for president, attorney general to resign
Exclusive-Investigative media outlet fleeing Russia to escape crackdown, editor says
Death toll from German industrial park explosion rises to five
Hundreds in Slovak capital block traffic in protest against vaccination law
Tunisian labour union pushes for political crisis roadmap
Mexico president says thousands of federal prisoners to be freed under new decree
EU health body warns against visiting popular Greek islands over COVID-19
Thousands stuck in Colombia's Caribbean amid migration surge
Roberto Calasso, titan of Italian literature, dies

Stories You'll Enjoy