On Thursday, the US National Security Agency (NSA) released a warning to government partners and private companies about an ongoing Russian hacking operation that targets operating systems behind computer infrastructure. This intrusion technique actively exploits a vulnerability that the NSA advised companies to take seriously. The notice is part of a larger series of public reports released by the agency, which is tasked with collecting foreign intelligence and sharing actionable cyber defense information.
The NSA did not clarify which business sectors are at the highest risk for being targeted by the Russian campaign, and it is still unclear how many organizations have been compromised. However, the NSA did state that the campaign was tied to a specific unit within Russia’s Main Intelligence Directorate; the Main Center for Special Technologies. This group is commonly referred to as “Sandworm” by cybersecurity researchers and has previously been linked to disruptive cyberattacks against electric production facilities.
Read More: NSA Warns of Ongoing Russian Hacking Campaign Against U.S. Systems