Fancy Bear targets defence contractors email to steal tech secrets

News by Teri Robinson

Russian hacking group Fancy Bear, have exploited weakspots in the email systems of defence contract workers to access top secret information on US defence technology, including drones.

Russian hacking group Fancy Bear, whose interference in the US presidential election set off a firestorm of concern in the security, defence and intelligence communities, has actively exploited weakspots in the email systems of defence contract workers to access top secret information on US defence technology, including drones.

Just as they did with former Hillary Clinton Campaign Manager John Podesta and members of the Democratic National Committee (DNC) as well as other organisations and persons affiliated with the Democrats, Fancy Bear tricked employees at companies like Boeing, Lockheed Martin, General Atomics, Raytheon Co., and Airbus Group into handing over their credentials, the Associated Press (AP) found after reviewing 19,000 lines of email phishing data from Secureworks that had been generated by the hackers and after interviewing 31 of the 87 attack targets.

“The programs that they appear to target and the people who work on those programs are some of the most forward-leaning, advanced technologies,” the AP quoted former Director of National Intelligence (DNI) Senior Advisor Charles Sowell, who reviewed the list of names for the AP. “And if those programs are compromised in any way, then our competitive advantage and our defence is compromised.” 

Noting that “employees working on sensitive projects like militarised drones, rockets, missiles, etc. should expect to be targeted by nation-state level attackers,” Obsidian Security CTO and Co-founder Ben Johnson said “the fact that Fancy Bear is targeting personal Gmail accounts highlights how the security perimeter has dissolved.”

It's clear that “hackers aren't trying to bust open networks,” but rather are “stealing identities, which is a much easier proposition,” Johnson said. “It's now incumbent upon the user to defend the organisation, and the security team has to create the equivalent of cyber-bodyguards to help them.”

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events