Russian Fancy Bear hackers target major US defence contractors to steal sensitive military secrets
According to the AP, 40% of 87 US defence contractors who were targeted by hackers clicked on malicious phishing links.
Russia-linked hacker group Fancy Bear has been reportedly targeting employees of major defence contractors working on sensitive military technology projects, including drones, missiles, stealth fighter jets and more.
According to an Associated Press investigation, 40% of 87 US defence contractors who were targeted by hackers clicked on malicious phishing links sent to them via email, possibly compromising their personal accounts and classified information. The AP investigation relied on email phishing data tracked by cybersecurity firm Secureworks between March 2015 and May 2016.
Fancy Bear targeted a slew of employees at both major and small defence companies, including Lockheed Martin, Boeing, Airbus and General Atomics among others. The hackers mostly targeted victims' personal Gmail accounts along with a few corporate accounts.
According to the news agency, 15 targets worked specifically on militarised drones including a drone sensor specialist at General Atomics and a senior engineer working on the X-37B, the secretive unmanned space plane, at Boeing.
Retired Air Force major general James Poss, who ran a partnership on drone research for the Federal Aviation Administration, said he was also sent a dubious phishing link in an email designed to look like a Google security alert. "I clicked on it and instantly knew that I had been had," he told the AP. He said he quickly realised the error before he could enter his credentials.
It is not clear how many employees fell victim to these phishing attacks or the extent of data compromised. However, the compromising of personal Gmail accounts could lead to further attacks on more valuable targets or the exploitation of any sensitive, personal details if found.
Upon reviewing the list of names targeted, Charles Sowell, a former senior adviser to the US Office of the Director of National Intelligence who was also targeted, told the AP: "The programmes that they appear to target and the people who work on those programmes are some of the most forward-leaning, advanced technologies.
"And if those programmes are compromised in any way, then our competitive advantage and our defence is compromised. That's what's really scary."
Fancy Bear, also known as APT 28 or Strontrium is widely believed to have hacked the Democratic National Committee (DNC) during the 2016 US presidential election and the German Parliament in 2015. US intelligence agencies have concluded that Fancy Bear is linked to the Kremlin and hacked the DNC as part of a wider influence campaign to tip the vote in Donald Trump's favour.
The Kremlin has vehemently denied any links to the group or efforts to meddle in foreign elections.
The hacking group has also targeted the World Anti-Doping Agency, the International Association of Athletics Federation, the International Olympic Committee and several other international sports organisations such as the International Luge Federation (FIL).
In January, Trend Micro said the group has been targeting the US Senate to swipe official credentials for espionage purposes as well.
Meanwhile, the AP notes that just one person of the 31 phishing attack targets they reached out to received a warning from US officials. They told the news agency that the FBI was aware of Fancy Bear's phishing efforts targeting defence contractors for more than a year.
One unidentified senior FBI official said that the bureau has been swamped with the number of targets and attempted cyberattacks. "It's a matter of triaging to the best of our ability the volume of the targets who are out there," the person noted.
According to an investigation by the AP last year, the FBI failed to inform "scores" of US government officials that Fancy Bear was trying to infiltrate their emails. Many of the targeted individuals were long-retired while others still held government positions and had security clearances.
These reports emerge as Russia continues to develop increasingly advanced and sophisticated drones over the past few years to better their own defence systems. Earlier this week, Russia's defense ministry said the Zhukovsky-Gagarin Air Force Academy will soon unveil a bird-shaped drone designed for reconnaissance missions at Innovations Day, TASS reported.
In December last year, the country's Federal Security Service (FSB) said Russia is currently working on new-generation drones and robotics control systems for security services.
"Efforts continue to put into operation the latest armament systems and technical means developed by departmental specialists and unrivalled in the world," FSB Chief Alexander Bortnikov told the Russian government daily Rossiyskaya Gazeta. "Work is underway to develop promising drones and systems for control of ground-and air-based robotic complexes, and also armored transport and fighting vehicles with the enhanced cross-country capacity, speed and protection."