The FBI has seized a huge stash of IT hardware belonging to Russian military hackers, the White House has said.
Components including routers and firewall appliances were obtained by US authorities through their hacking of the same frameworks that pro-Kremlin operatives were using to communicate with the equipment.
An official document sheds light on the unorthodox mission’s aim: to prevent Moscow-loyal computer experts from marshalling the infiltrated appliances into an online botnet army designed to create havoc on victim servers with waves of rogue traffic.
US Attorney General Merrick Garland underlined how allies were “able to disrupt this botnet before it could be used.”
Named Cyclops Blink, the botnet that the FBI disrupted was controlled via malware, and is believed to be behind February’s “Sandworm” attack, US and UK cyber agencies say. Sandworm has been carrying out sustained cyberattacks on behalf of Russian intelligence, Western authorities say.
Cyclops Blink was engineered to take over appliances made by WatchGuard Technologies, according to private sector cyber firms. It gives Russian operations entry into compromised infrastructures, and allows for remote exfiltration or data deletion. It can also reprogramme devices to work against another target entity.
WatchGuard says it worked with the US DOJ to bring down the botnet, but did not reveal how many devices may have been affected, saying only that the number represents “less than 1%” of the company’s appliances.
Speaking to reporters, FBI Director Chris Wray said:
“We removed malware from devices used by thousands of mostly small businesses for network security all over the world. We shut the door the Russians had used to get into them.”