Russian-backed hackers targeted US defense contractors to obtain sensitive information

The attacks date back to at least the start of 2020.

Sponsored Links

US soldiers walk next to M1 Abrams tanks at the Mihail Kogalniceanu Air Base,  Romania, February 14, 2017. Inquam Photos/Octav Ganea/via REUTERS ATTENTION EDITORS - THIS IMAGE WAS PROVIDED BY A THIRD PARTY. EDITORIAL USE ONLY. ROMANIA OUT. NO COMMERCIAL OR EDITORIAL SALES IN ROMANIA
Inquam Photos / reuters

Starting as early as January 2020, Russian state-sponsored hackers have repeatedly targeted American defense contractors, according to the Cybersecurity and Infrastructure Agency (CISA). In an alert spotted by The Verge, the agency said on Wednesday that Russian-backed actors have spent the past two years targeting contractors with US security clearance. What's more, those activities allowed them to obtain sensitive information and export-controlled technologies, said CISA.

Those hackers cast a wide net, targeting companies with contracts involving weapons and missile development, as well as vehicle and aircraft design, among other sensitive areas of work for the Department of Defense. CISA makes no mention of those actors obtaining classified documents, but the agency notes they went after both large and small targets. Alongside the FBI and NSA, CISA anticipates Russian-backed hackers will continue to target defense contractors in the near future.

“The acquired information provides significant insight into US weapons platforms development and deployment timelines, vehicle specifications and plans for communications infrastructure and information technology,” said CISA. “By acquiring proprietary internal documents and email communications, adversaries may be able to adjust their own military plans and priorities, hasten technological development efforts, inform foreign policymakers of US intentions and target potential sources for recruitment.”

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

The advisory comes as tensions between the US and Russia continue to escalate over a potential invasion of Ukraine. In recent weeks, the country has faced multiple cyberattacks, with the most recent coming earlier this week. Ukraine’s defense ministry and two of its state-owned banks suffered denial-of-service attacks. The attacks weren’t directly attributed to Russian-backed actors, but the country blamed its neighbor last month for a campaign that hobbled dozens of government websites.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget