The U.S. and U.K. governments warned governments across the world about Russian cyberespionage. They said that Russia had conducted a campaign targeting hundreds of organizations, especially militaries and defense contractors, including the U.S. and European governments. The Department of Defense has remained the focus of Russian cyberespionage.
The Russian GRU remains a threat to the upcoming Olympics, an important event. The U.S. and U.K. governments warned that the Russian GRU might attempt to disrupt the event, said John Hultquist, Vice President at Mandiant Threat Intelligence. The U.S. stated that the GRU was the main culprit behind the SolarWinds cyberespionage campaign.
The advisory released by the U.S. and U.K. governments stated that the GRU is targeting cloud-based software and services. The GRU's main targets are software services such as Microsoft Office 365, which is widely used by the federal government. Microsoft email servers have also been targeted by the GRU. The advisory noted that the cyber groups route encrypted traffic through the Tor network and VPNs to conceal their activities and data exfiltration. The actors also use techniques such as “living off the land,” performing malicious activities with legitimate tools, which keeps security experts unaware of the activity on a victim’s network.