Google Sees Russia Coordinating With Hackers in Cyberattacks Tied to Ukraine War

Not really anything to do with books, but PG found this interesting.

From The Wall Street Journal:

A growing body of evidence suggests that pro-Russian hackers and online activists are working with the country’s military intelligence agency, according to researchers at Google.

Western officials and security experts are interested in the possible Kremlin links because it would help explain Moscow’s intentions both inside and outside Ukraine despite recent military setbacks that prompted Russian President Vladimir Putin this week to announce a mobilization push.

Officials in the U.S. and Europe have warned throughout the war that Russian hackers could lash out against Ukraine’s allies by targeting critical infrastructure and governments with cyberattacks, but so far that has largely failed to materialize.

Over the past few months, Google’s Mandiant cybersecurity group has observed apparent coordination between pro-Russian hacking groups—ostensibly comprising patriotic citizen hackers—and cyber break-ins by Russia’s military intelligence agency, or GRU. In four instances, Mandiant says it observed hacking activity linked to the GRU in which malicious “wiper” software was installed on a victim’s network.

The initial wiper software caused disruption by destroying computer systems across the organization. Then, the hacktivists entered the picture. After each of these hacks—within 24 hours of the wiping—the hacktivist organizations have published data stolen from the same organizations.

Three pro-Russian hacktivist groups have been involved, according to Mandiant, which was acquired by Google in a deal that closed earlier this month. They are called XakNet Team, Infoccentr and CyberArmyofRussia_Reborn.

Combined with the other activity related to the war, this has created an unprecedented situation, Mandiant said, in a report on the hacktivists set to be released on Friday. “We have never previously observed such a volume of cyberattacks, variety of threat actors, and coordination of effort within the same several months,” the report states.

Link to the rest at The Wall Street Journal