Russian viruses that use a vulnerability in Adobe Reader have been detected in 23 countries. Source: RBTH
Dmitry Alperovich, chief technology officer of US cybersecurity company CrowdStrike, accused Russia of spying against Western and Asian companies. The accusations were made in a January 22 report that focuses on the Russian hacker group Energetic Bear, which has allegedly been stealing data from numerous companies around the world for the last two years. The group is believed to focus on energy corporations. Most of their attacks target the United States, Europe and Japan. Russian viruses that use a vulnerability in Adobe Reader have been detected in 23 countries.
The American company has accused Energetic Bear of working for the Russian government. “We are confident of it,” Alperovich said, citing various technical clues and the nature of the data stolen by the hackers as evidence.
CrowdStrike specializes in cybersecurity research. One of its co-founders is Russian-born software specialist Dmitry Alperovich, who now lives in the United States. Before founding CrowdStrike, he worked for the cyber security giant McAfee. As a McAfee employee, in 2010 and 2011 he researched the cyber-activities of Chinese hackers who break into foreign corporate networks at the Chinese government’s behest.
Artem Baranov, a leading virus analyst with ESET, says CrowdStrike’s information looks fairly convincing.
“The company has shared this information with the media based on a recent yearly report about cyber attacks against governments and corporations all over the world,” Baranov said.
“Based on the data collected over several years, they have released evidence of the involvement of the Chinese, Russian and other governments in attacks against corporate networks.”
The analyst stressed, however, that he does not have any information at his disposal about the alleged Russian origins of the Energetic Bear group.
Kaspersky Lab, a leading Russian cyber security company, says that far-reaching conclusions should not be made based on a single report. Such conclusions must be supported with more information, so the company has decided to refrain from commenting at the moment.
Last year, Bloomberg released a ranking of the countries where most of the world’s cyber attacks originate. Apparently only 10 countries account for three quarters of all such attacks. Chinese hackers appear to be the most prolific, accounting for 41 percent of the global figure.
The United States was a distant second in the ranking and was identified as the origin of 10 percent of all “hacker traffic.” America is also the home of the world’s most famous hacking groups, such as Anonymous and AntiSec. Russia was ranked 4th with 4.3 percent.
Kaspersky Lab had earlier predicted a sharp rise in the demand for the services of cyber-mercenaries in 2014. These mercenaries “carry out attacks against their customers’ competitors. Their goals include industrial espionage or simply wreaking havoc with the competitor’s operations,” the company said. This prediction passed under the radar of many media outlets, which focused instead on cyber-snooping by America’s NSA.