The coming U.S. elections next month have already led to an increase in the number of hacking attacks. And now it has been confirmed that Russian hackers have attacked state and local government networks in the U.S. where they have managed to steal data from two servers.
The recommendation from the FBI and the Department of Homeland Security’s cybersecurity agency reports that there has been an uptick in the recent operation of a Russian state-sponsored hacking community against those networks. Any of the targeted networks have been completely infiltrated by these hackers.
“The Russian state-sponsored APT actor attacked hundreds of SLTT government and aviation networks, attempted intrusions into many SLTT organizations, successfully breached network infrastructure, and, as of 1 October 2020, exfiltered data from at least two victims servers,” the warning said.
It also states that the “Russian-sponsored APT actor is obtaining user and administrator credentials to establish initial access, enable lateral movement once inside the network, and locate high-value assets in order to exfiltrate data”.
The advisory has not specified the name or location of the networks that have been targeted by hackers. Also, there’s no information yet as to whether any election or government operations have suffered an impact due to the attacks.
Furthermore, the FBI and CISA currently have no information as to whether the APT actor intentionally disrupted any aviation, education, elections, or government operations. However, the actor may be seeking access to obtain future disruption options, or to influence U.S. policies and actions.