US Accuses Russian Hackers of Stealing Sensitive Defense Data From Contractors

pcmag.com:

Russian state-sponsored hackers have successfully infiltrated US defense contractors to steal information on weapon systems, aircraft designs, and other defense technology, US officials say.

On Wednesday, the FBI, NSA, and the US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the hacking attempts, which have been targeting both large and small US defense contractors since at least January 2020. 

“These continued intrusions have enabled the actors to acquire sensitive, unclassified information, as well as CDC (cleared defense contractor)-proprietary and export-controlled technology,” the alert says.  

The affected defense contractors have supported numerous US military projects, concerning combat systems, intelligence-gathering, weapons and missile development, and vehicle and aircraft design. As a result, the stolen data risks helping the Russian government counter US military plans, speed up the country’s own technological development efforts, and even allow the Kremlin to target potential sources for recruitment.

Compromised entities include contractors supporting the US Army, Air Force, Navy, Space Force, and Defense Department and Intelligence programs, according to the agencies.

To infiltrate the defense contractors, Russian hackers have sent spear-phishing emails to trick unsuspecting employees into visiting a malicious website, which can infect their computers with malware. In other cases, the hackers attempt to break into online accounts tied to the defense contractor by guessing employee passwords. 

In addition, investigators have spotted Russian hackers exploiting publicly known vulnerabilities in enterprise and VPN software to infiltrate the defense contractors. Once access is