Russian hackers target local internet to spy on embassies in Moscow, Microsoft says
nextgov.com
The attack works by rerouting targeted diplomatic devices through a hoax captive portal modeled on the kind commonly used to grant internet access in hotels and airports.
A major Russian cyberespionage unit is attempting to spy on foreign embassies in Moscow by targeting local internet and telecom infrastructure used by diplomatic personnel inside the nation’s capital city, according to findings released Thursday by Microsoft’s threat intelligence arm.
The group, dubbed Secret Blizzard, was observed in February deploying a spying program called ApolloShadow inside the systems of local telecom and internet service providers used by embassies, aiming to intercept sensitive intelligence produced by diplomats and other staffers, the report says.
The cyberspies are likely exploiting Russia’s “lawful intercept” architecture to seed the malware into internet and communications systems. Like many nations with developed telecom infrastructure, Russia’s lawful intercept programs require communications firms to engineer their systems for ...
Copyright of this story solely belongs to nextgov.com . To see the full text click HERE