Spies planted malware on critical infrastructure, Russian security service says

01.08.2016

Russian military networks and other critical infrastructure have been hit by tailor-made malware, according to government officials.

Networks at some 20 organizations in Russia -- including scientific and military institutions, defense contractors, and public authorities -- were found to be infected with the malware, the Russian Federal Security Service (FSB) said Saturday.

The range of infected sites suggests that the targets were deliberately selected as part of a cyber-espionage operation, the FSB said.

Analysis of the attack showed that filenames, parameters and infection methods used in the malware are similar to those involved in other high-profile cyber-espionage operations around the world.

The software was adapted to the characteristics of each PC targeted, and delivered in a malicious email attachment, the FSB said.

Once installed, it downloaded additional modules to perform tasks such as monitoring network traffic, capturing and transmitting screenshots and keystroke logs, or recording audio and video using the PC's microphone and webcam.

The FSB is working with ministries and other government agencies to identify all the victims of the malware, and to limit its effects, it said.

Russia is said to be the source, not the target, of another government-related cyber-attack. Last week, evidence emerged suggesting Russian involvement in an attack on computers at the Democratic National Committee, where recent data leaks have tarnished the campaign of presidential candidate Hillary Clinton.

Rival Republican candidate Donald Trump last week suggested Russian spies should infiltrate Clinton's email system in search of 30,000 messages allegedly missing from an investigation into her use of a private email server for official correspondence while secretary of state.

Peter Sayer