In mid-May, the Russian government (quietly) published a report revealing that foreign hackers had successfully compromised the Russian Government’s cyber systems. The report suggests that sophisticated hackers were pursuing the interests of a foreign state or that they were backed by a particular state but makes no statement as to who may have been behind it.
Reuters noted that generally publication of this type of government-backed report is intended as a signaling effort to foreign states that the government is aware of any hacking attempts or cyber-criminal groups. By contrast, this report curiously received very little attention in Russian media.
The report also suggested that the hackers had used two of Russia’s leading cloud storage service providers as part of its attack – Yandex and Mail.ru. Yandex has declined to comment and Mail.ru released a statement that its cloud service had not been compromised or used to distribute any malware at the time of the hack.
Russian officials have stated that the hackers were well prepared and showed an intimate knowledge of Kaspersky Lab’s software (the Russian antivirus lab). Despite this, Kaspersky has commented that the hackers had not successfully exploited its systems.
So perhaps not surprisingly, the true nature of the attack is unclear. But it is certainly a lesson that everyone can be prey to sophisticated state-based or state-sponsored attackers (a fact not missed by our own federal Government in its 2020 Cyber Security Strategy).