'Russian state-sponsored cyber actors' cited in hacks of U.S. defense contractors

Written by
Feb 16, 2022 | CYBERSCOOP

For more than two years, “Russian state-sponsored cyber actors” have targeted the emails and other data of U.S. defense contractors that handle sensitive information about weapons development, computer systems, intelligence-gathering technology and more, the federal government warned Wednesday.

The alert from the Cybersecurity and Infrastructure Security Agency said cleared defense contractors (CDCs) are the primary victims of the breaches. Those companies are authorized by the Department of Defense to access, receive and store classified information as part of their contracting work. The alert does not say whether classified information was accessed.

The attackers, however, have been able to “acquire sensitive, unclassified information, as well as CDC-proprietary and export-controlled technology,” the alert said, by focusing on “enterprise and cloud networks, prioritizing their efforts against the widely used Microsoft 365 (M365) environment.”

“The acquired information provides significant insight into U.S. weapons platforms development and deployment timelines, vehicle specifications, and plans for communications infrastructure and information technology,” CISA said. “By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of U.S. intentions, and target potential sources

Read More: https://www.cyberscoop.com/russian-state-sponsored-cyber-actors-cited-in-hacks-of-u-s-defense-contractors/