China behind series of hacker strikes on Russian government agencies in 2020: Report
Jun 11, 2021
Moscow [Russia], June 11 : A US-based IT company has claimed that hackers from China were behind the series of cybersecurity attacks on the Russian government last year.
Experts from the US company SentinelOne said that malicious code used in breaches into the Russian federal executives is similar to hacking tools associated with a broad set of suspected Chinese spies that have also targeted Asian governments in recent years, reported Cyberscoop, a leading media brand in the cybersecurity.
SentinelOne's findings are based on a report released last month by the Federal Security Service (FSB), one of Russia's main spy agencies, and the cyber unit of telecom firm Rostelecom.
Writing in Cyberscoop, Sean Lyngaas builds on the FSB report in which experts noted that earlier Russian government agencies had been targeted by "cyber mercenaries pursuing the interests of the foreign state."
Lyngaas writes that the attackers collected stolen data using top Russian technology providers Yandex and Mail.Ru, according to the report, which did not name a culprit in the breaches.
Earlier there was a report that China has purchased antivirus products from security vendors from the US, Europe and Russia, with the intent to identify vulnerabilities that can be used for compromise.
Citing a report by cybersecurity firm "Recorded Future", news service The CyberWire said that this purchase came under scanner because Beijing has already banned the use of foreign antivirus products, citing security risks.
SentinelOne's findings point to a reality that is often overlooked in US-centric cybersecurity discussions: that the Russian and Chinese governments conduct plenty of cyber-espionage against each other. Last year, for example, US officials publicly exposed a suspected Chinese hacking campaign that targeted entities in Russia and other former Soviet republics.
"The idea of Chinese targeting of Russian government [and vice versa] should not shock us," a researcher Juan Andres Guerrero-Saade said in an email. "Sino-Russian relations are complex and involve hot button issues like a shared border, diplomatic and economic interests."
Andrei Soldatov, a Russian journalist who wrote a book on the rise of the FSB after the fall of the Soviet Union, said the FSB report appeared to be an effort to portray Russian organizations as facing the same threats as other organizations. "It's like, 'We all face the same enemy lets fight it together,'" Soldatov said. "And for that, come to us, the FSB, and make us respectful."
US officials are ramping up pressure on the Russian government to rein in cybercriminals following the Colonial Pipeline ransomware attack. President Joe Biden has accused the perpetrators of operating from Russian soil, albeit not at Moscow's behest. The White House says Biden will raise the issue in a meeting with Russian President Vladimir Putin later this month.