Russian-Backed Hackers Targeted U.S. Defense Contractors

Russian government-backed hackers obtained sensitive information on the development and deployment of U.S. weapons by violating defense contractors over the last two years, U.S. security agencies said in a public advisory on Wednesday.  

As such, the information gathered is unclassified but offers “important insight into U.S. weapons platforms development and deployment timelines,” as well as covering export-controlled technology, according to the FBI, National Security Agency (NSA), and US Cybersecurity and Infrastructure Security Agency (CISA). 

“The acquired information provides significant insight into U.S. weapons platforms development and deployment timelines, vehicle specifications and plans for communications infrastructure and information technology,” said CISA.   

“By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of US intentions, and target potential sources for recruitment,” it added.  

In parallel, tensions between the U.S. and Russia continue to escalate over a potential invasion of Ukraine, along whose border Russia has massed an estimated 150,000 troops, according to U.S. President Joe Biden.  

The country confronted various cyberattacks in recent weeks, with the most recent coming earlier this week. 

Ukraine’s defense ministry and two of its state-owned banks suffered denial-of-service attacks; while the attacks weren’t directly attributed to Russian-backed actors, the country blamed its neighbor last month for a campaign that hobbled dozens of government websites.  

More details determine how the disturbances struck contractors supporting every U.S. military branch, including the Air Force, Army, Navy, and Space Force, as well as firms that work on defense and intelligence programs, U.S. officials said.  

The American government agencies regularly released information on state-sponsored hacking threats. U.S. officials continue to say there is no credible, specific cyber threat to the U.S. homeland tied to the Ukraine crisis.  

Democratic Sen. Jack Reed of Rhode Island said that the U.S. generally has a “very active cyber operation against Russia. That was demonstrated … before the 2020 elections when we literally took out some Russian sites which we knew were interfering with our election.”  

At a January 19 news conference, Biden said that the U.S. could respond with hacking operations of its own to further Russian cyberattacks in Ukraine.  

U.S. officials have been publicly and privately informing U.S. critical infrastructure firms for weeks to check their networks for potential Russian hacking threats.  

Reed said that US Cyber Command, the military’s hacking and cyber defense unit, “is on full alert” in the event of any escalation from Russia in cyberspace.