Google researchers have claimed evidence bears the fingerprints of pro-Russian hackers working with their country’s military intelligence agency, the Wall Street Journal reported .
Link
Over the past months, the ” Mandiant ” group, which specializes in cyber security of Google, has noticed a clear coordination between pro-Kremlin hacker groups and cyber intrusions by the Russian Military Intelligence Agency, according to the newspaper.
Mandiant said it observed hacking activity linked to the Russian military intelligence agency, in which malware was installed on victims’ networks in four cases.
Western officials and security experts are interested in possible links between Russian hackers and the Kremlin, to understand and analyze Moscow’s intentions inside and outside Ukraine.
Officials in the United States and Europe warned throughout the war that Russian hackers could attack Ukraine’s allies by targeting critical infrastructure and governments with cyberattacks, but this largely did not materialize.
Despite Russia’s previous denials of its involvement in the hacking, a representative from the Russian Embassy in Washington did not respond to The Wall Street Journal’s requests for comment.
Now that XakNet has established itself as a hacking group, it can be used as a cover for a more serious cyber operation directed by Russian intelligence, said John Holtquist, vice president of intelligence analysis at Mandiant.
On the involvement of the Russian Military Intelligence Agency, Holtquist explained: “These representatives cannot be taken lightly… They are able to stay out of the spotlight.”
The official added that the evidence is not strong, but the frequent links between the GRU-linked attacks and hacking operatives “are hard to ignore and they point out that the relationship is not accidental.”
And last spring, the US Department of Homeland Security issued an alert naming “XakNet” (pronounced hack-net) and another group known as “Killnet” as potential threats to America.
The US establishment also warned that the war in Ukraine could lead to an escalation of attacks by hackers.
Security researchers have revealed that Killnet has attacked a range of entities, including targets in Japan, Italy, Norway, Estonia and Lithuania, with attacks trying to confuse servers with Internet traffic.
Hultquist said the group appears to sometimes work in coordination with XakNet.