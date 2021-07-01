Hundreds of ‘brute force’ cyber attacks are being blamed on Russian intelligence.

Russian intelligence employed “brute force” methods to hack into the cloud services of hundreds of government agencies, energy firms, and other organizations, according to US and British agencies.

Attacks by operators associated to the GRU, the Russian military intelligence organization, have been linked to major cyberattacks abroad and efforts to undermine the 2016 and 2020 US elections, according to a National Security Agency (NSA) advisory.

NSA cybersecurity director Rob Joyce said in a statement that the attack was “likely ongoing, on a global scale.”

Automated spraying of sites with potential passwords until hackers obtain access is known as a brute force assault.

The advise, which was co-released with the British National Cyber Security Centre, encourages businesses to implement common-sense cyber hygiene measures such as multi-factor authentication and requiring strong passwords, as recommended by experts.

This serves as a timely reminder that the GRU remains a serious concern, especially in light of the approaching Olympics, which they may attempt to disrupt.

The advice, which was issued during a devastating wave of ransomware assaults on governments and critical infrastructure, does not reveal the campaign’s precise targets or apparent objective, instead stating that hackers have targeted hundreds of organizations throughout the world.

Since at least mid-2019, GRU-linked operatives have attempted to hack into networks using Kubernetes, an open-source platform created by Google to manage cloud services.

The hackers went after other cloud providers and email servers as well, according to the NSA. While a “substantial amount” of the attempted break-ins targeted organizations utilizing Microsoft’s Office 365 online services, the hackers also went after other cloud providers and email servers.

Russia has long been accused by the US of using and permitting cyberattacks for espionage, disinformation, and disruption of governments and critical infrastructure.

The action revealed by the NSA on Thursday, according to Joe Slowik, a security analyst at network-monitoring firm Gigamon, reveals the GRU has further streamlined an already popular technique for hacking into networks.

It appears to correspond with Department of Energy information on brute force intrusion efforts targeting the United States in late 2019 and early 2020, he added. (This is a brief piece.)