Russia-linked group that breached US state and local IT draws official accusation from feds

It’s no secret that the hacking group often referred to as Energetic Bear or TEMP.Isotope — linked by multiple security firms to Russia — is the prime suspect in a handful of breaches of state and local networks in recent weeks. But now U.S. federal officials are formally blaming the hackers for the activity. It’s part of a broader U.S effort to more swiftly accuse foreign adversaries of wrongdoing ahead of Election Day while reassuring voters that the election is being protected. In this case, federal officials said the Russian group had used a combination of old and new software vulnerabilities to breach some IT infrastructure used by state and local officials, but that there was no evidence that the “integrity of elections data has been compromised.” “The Russian state-sponsored APT actor has targeted dozens of SLTT [state, local, territorial and tribal] and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of […]

The post Russia-linked group that breached US state and local IT draws official accusation from feds appeared first on CyberScoop.

Continue reading Russia-linked group that breached US state and local IT draws official accusation from feds

Industry alert pins state, local government hacking on suspected Russian group

Suspected Russian hackers were behind multiple recent intrusions of U.S. state and local computer networks, according to an industry analysis obtained by CyberScoop. The group responsible is known as TEMP.Isotope, according to a private advisory distributed by Mandiant, the incident response arm of security company FireEye. The alert notes that the same group has also been described as Energetic Bear, which multiple security firms have linked to Russia. The FBI and the U.S. Cybersecurity and Infrastructure Security Agency on Oct. 9 publicized a hacking campaign in which attackers breached some “elections support systems,” or IT infrastructure that state and local officials use for a range of functions. Those systems are not involved in tallying votes, and the advisory from U.S. officials noted that there was no evidence that the “integrity of elections data has been compromised.” The federal advisory did not blame a particular hacking group for the activity, saying only that the campaign was the work of “advanced persistent […]

The post Industry alert pins state, local government hacking on suspected Russian group appeared first on CyberScoop.

Continue reading Industry alert pins state, local government hacking on suspected Russian group