Russia’s GRU spy agency has secretly developed and deployed new malware that’s virtually impossible to eradicate, capable of surviving a complete wipe of a target computer’s hard drive, and allows the Kremlin’s hackers to return again and again.

The malware, uncovered by the European security company ESET, works by rewriting the code flashed into a computer’s UEFI chip, a small slab of silicon on the motherboard that controls the boot and reboot process. Its apparent purpose is to maintain access to a high-value target in the event the operating system gets reinstalled or the hard drive replaced, changes that would normally kick out an intruder.

It’s proof that the hackers known as Fancy Bear “may be even more dangerous than previously thought,” company researchers wrote in a blog post. They’re set to present a paper on the malware at the Blue Hat security conference recently.

US intelligence agencies have identified Fancy Bear as two units within Russia’s military intelligence directorate, the GRU, and last July Robert Mueller indicted 12 GRU officers for Fancy Bear’s US election interference hacking. The advanced malware shows the Kremlin’s continued investment in the hacking operation that staged some of the era’s most notorious intrusions, including the 2016 Democratic National Committee hack. The GRU’s hackers have been active for at least 12 years, breaching NATO, Obama’s White House, a French television station, the World Anti-Doping Agency, countless NGOs, and military and civilian agencies in Europe, Central Asia, and the Caucasus.

Claire McCaskill, who’s facing a hotly contested 2018 re-election race.

“There’s been no deterrence to Russian hacking,” said former FBI counterterrorism agent Clint Watts, a research fellow at the Foreign Policy Research Institute. “And as long as there’s no deterrence, they’re not going to stop, and they’re going to get more and more sophisticated.”

As sophisticated as it is, Russia’s new malware works only on PCs with security weaknesses in the existing UEFI configuration. It also isn’t the first code to hide in the UEFI chip.