Attacks on printers: Microsoft announced the new targets of Russian hackers

In its corporate blog, Microsoft warned users of a new wave of activation of "Russian hackers", Attacks on printers: Microsoft announced the new targets of Russian hackers

Attacks on printers Microsoft announced the new targets of Russian hackers

In its corporate blog, Microsoft warned users of a new wave of activation of "Russian hackers", namely the Strontium group, also known as Fancy Bear. According to experts, cybercriminals targeted the Internet of Things (IoT) by attacking office printers, IP phones, and video decoders.

Hackers from the Strontium group, also known as Fancy Bear, use the Internet of Things (IoT) vulnerabilities to attack organizations' computer networks, Microsoft warns on its corporate blog.

According to company experts, office printers, IP-telephones and video decoders are in the risk zone, hacking which attackers gain access to the corporate network and confidential data.

  • “These devices are entry points through which a hacker secures his presence on the network and begins to seek further access. After the attacker successfully connects, he searches for other insecure devices to navigate the network in search of accounts with higher privileges that provides access to valuable data, ”Microsoft experts said in a statement.

  • In the West, Fancy Bear is called "Russian hackers", as this group is credited with close ties to the Kremlin. It is believed that it was Fancy Bear, who is also called APT28, who was involved in hacking the mail of the National Committee of the Democratic Party of the United States during the presidential race in 2016.

  • According to Microsoft, a surge in attacks by Strontium using devices from the Internet of things occurred in April of this year.

At the same time, in two cases, the attackers did not even have to hack, because the organizations did not change the default passwords on printers, which are set at the factory.

  • In the third case, an outdated firmware with a known vulnerability was installed on the compromised device.

  • Information security experts were able to establish the involvement of Strontium in these attacks, but so far find it difficult to answer what was the purpose of the attackers.

  • This year, Microsoft has already pointed out the danger posed by this hacker group. In February, an IT company accused Fancy Bear of hacking attacks on European political research centres. Experts believe that cybercriminals stepped up on the eve of the elections to the European Parliament, which took place in May.

You may also like

Among the affected organizations are the European branches of the Aspen Institute and the German Marshall Fund, as well as the German Foreign Policy Center.

  • Hackers tried to hack 104 accounts of employees of these centres from Belgium, Germany, Poland, Romania, Serbia and France.

  • “We have observed and continue to observe attempts by states and other forces to influence the outcome of elections in the democratic countries of the world, including Europe. These attacks extend not only to election campaigns but also to research centres and non-profit organizations ... which are often in close contact with government officials, ”said Tom Burt, vice president of security for Microsoft.

  • According to Microsoft, hacker attacks on Europe lasted from September to December 2018. The company did not specify whether these hacks were successful but reported that it promptly notified the affected organizations about the incident and helped them improve they're cyber defense.

  • In 2018, Fancy Bear was accused of attacking the U.S. defense - with the help of a phishing mailing list, hackers allegedly gained access to electronic mailboxes of employees of the military industry. Attackers fraudulently gained access to the email addresses of 87 people working in the defense industry and developing secret types of weapons - military drones, warheads, missiles, stealth fighters, etc.

Among the victims of “Russian hackers” are employees of such large military-industrial and aviation corporations as Lockheed Martin, Raytheon, Boeing, Airbus Group and General Atomics.

  • It is not known for certain what exactly was stolen, but this incident revealed one of the most important vulnerabilities of US government agencies and statements - the insufficient level of protection of electronic correspondence of officials with access to confidential information.

Who exactly is in question, what is the evidence, and on the basis of which the conclusions of such a category are made, we do not understand.

  • No such data. Accordingly, we relate to such statements, ” RIA Novosti quoted Peskov as saying.

  • “As before, we don’t understand why Fancy Bear, what’s the Russian military intelligence, what these accusations are based on, are serious enough, they cannot sound unfounded. We don’t see any more specifics, ”the spokesman of the head of state added.

  • Russian presidential spokesman Dmitry Peskov called Microsoft's allegations against Russia unfounded.

  • “We don’t know what hackers are being talked about, we don’t know what the influence in the elections is. From America, we hear confirmation that there was no influence in the elections

No comments:

Like a Reply

Powered by Blogger.