A Russian government-sponsored hacking group nicknamed The Dukes has been uncovered after a seven-year rampage against numerous Western governments and organisations.
Security firm F-Secure reported uncovering the group, which it said has close ties to Russian intelligence gathering operations, suggesting that it is working for the Russian government to support its political aims.
“The Dukes are a well-resourced, highly dedicated and organised cyber espionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision making,” the F-Secure report stated.
Some of the targets of the group have been identified as the ministries of defence in Georgia and Estonia, foreign affairs ministers in Turkey and Uganda, and political think tanks in the US, Europe and Central Asia.
This provides the Russian government with insights into the plans, policies and meetings being held in these nations, helping it to form its own policies.
“These campaigns involve a fast but noisy break-in followed by the rapid collection and exfiltration of as much data as possible,” F-Secure said.
“If the compromised target is discovered to be of value, The Dukes will quickly switch the toolset used and move to stealthier tactics focused on persistent compromise and long-term intelligence gathering.”
F-Secure also said that the group appears to have shown little concern when the tools it was using were revealed publicly, suggesting that it has little to fear in the way of repercussions.
“The Dukes have been known to engage in campaigns with unaltered versions of tools that only days earlier have been brought to the public’s attention by security companies and actively mentioned in the media,” F-Secure said.
“In doing so, The Dukes show unusual confidence in their ability to continue successfully compromising their targets even when their tools have been publicly exposed, as well as in their ability to operate with impunity.”
Commenting on the report, Patrik Maldre, a junior research fellow with the International Centre for Defence and Security in Estonia, said that it provided new insight on the extent of Russia’s cyber activities for political purposes.
“They shed new light on how heavily Russia has invested in offensive cyber capabilities, and demonstrate that those capabilities have become an important component in advancing its strategic interests,” he said.
“The report confirms the need for current and prospective NATO members to strengthen collective security by increasing cyber cooperation in order to avoid becoming victims of Russian information warfare, espionage and subterfuge.”
Russia is seen as one of the top cyber threats in the world, and the US lists the country alongside China, North Korea and Iran as the biggest threats in this area.
Kaspersky reported last week on a campaign by a group called Turla that used satellite connections to avoid detection, in another example of the sophisticated threats posed by Russian hackers.