Russia hacked hundreds of Western, Asian companies - security firm

WASHINGTON Wed Jan 22, 2014 11:30am IST

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Files

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013.

Credit: Reuters/Pawel Kopczynski/Files

Stocks

   

WASHINGTON (Reuters) - A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic - rather than political - gains.

According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property.

CrowdStrike declined to go into detail about those losses or to name any victims, citing confidentiality agreements related to its investigation.

Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow.

"These attacks appear to have been motivated by the Russian government's interest in helping its industry maintain competitiveness in key areas of national importance," Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening.

Cybersecurity researchers have in the past said that China's government was behind cyber espionage campaigns against various corporations dating back as far as 2005, but China has vehemently denied those allegations. Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies.

Governments have been using computer networks to spy on each other for more than 30 years in the type of surveillance programs conducted by virtually every nation, according to CrowdStrike. It is only in the past decade that some nations have started using cyber espionage as a platform for gaining data to help promote their national economic interests, according to Alperovitch.

CrowdStrike has been following the activities of the Russian group of hackers, which it dubbed "Energetic Bear," for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen, according to Alperovitch.

"We are very confident about this," he said. Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report.

Manufacturing and construction firms in the United States, Europe and Middle East as well as U.S. healthcare providers were also cited as targets in the report that was posted on the web early on Wednesday morning, here

CrowdStrike described the activities of the Energetic Bear hackers in its annual cyber threat report, released on Wednesday. It also documented attacks by hacking groups in China and Iran and described the activities of the activist Syrian Electronic Army.

Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as "Operation Aurora" on Google Inc (GOOG.O) and dozens of other companies.

In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks.

He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia's national economic interests.

"They are copying the Chinese play book," he said. "Cyber espionage is very lucrative for economic benefit to a nation."

(Reporting by Jim Finkle, additional reporting by Megan Davies in Moscow; Editing by Tiffany Wu and Ken Wills)

Online Shopping

An empty shopping cart is seen outside a Best Buy store in Westbury, New York November 28, 2014. REUTERS/Shannon Stapleton

BestBuy.com back online after second Black Friday outage

Best Buy Co Inc's retail website is back online after it was down for a second time on Black Friday, the busiest U.S. shopping day in terms of sales and traffic since 2005, according to ShopperTrak.  Full Article 

REUTERS SHOWCASE

Gold Imports

Gold Imports

India eases gold import rule in surprise move.  Article 

Indians in Iraq

Indians in Iraq

India says no contact with 39 men held by Islamic State in Iraq.  Full Article 

Sahara Issue

Sahara Issue

Sahara looks to raise $650 million loan to fund bail.  Full Article 

Bhopal Tragedy

Bhopal Tragedy

Bhopal's toxic legacy lives on, 30 years after industrial disaster.  Full Article 

Banking Sector

Banking Sector

After record deal, more India bank takeovers on cards  Full Article 

Islamic Fund

Islamic Fund

India gets new Islamic equity fund but debt market still off-limits  Full Article 

Cricket Tragedy

Cricket Tragedy

Clarke breaks down giving heartfelt Hughes tribute  Full Article 

Nigeria Violence

Nigeria Violence

Bombs, gunfire kill 81 at crowded mosque in Nigeria's Kano  Full Article 

Movie Review

Movie Review

D’Silva's “Ungli” just skims the surface  Full Article | Related Story 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device  Full Coverage