Some of the most sophisticated hackers in the world may be taking orders from one of the U.S. government's biggest adversaries: Russian President Vladimir Putin.
A new report released Tuesday by the security firm FireEye said it has uncovered evidence of "long-standing, focused operations that indicated a government sponsor -- specifically a government based in Moscow.”
The researchers said several clues suggest the Russian government is behind a widespread hacking campaign with victims around the world. For one, the hackers have spied on several targets of high interest to the Russian government, including several Eastern European governments, NATO and the country of Georgia, the report said. The hackers also likely come from Russia because they used computer code that contained Russian words and operated during Moscow working hours, according to the report.
To attack their victims, the hackers used spear-phishing, a common tactic in which hackers send emails that appear legitimate and mention specific topics that lure victims into clicking on links and attachments. Once victims clicked on them, their computers were infected with software that allowed the hackers to snoop on their activities.
Russia has long been home to skilled cybercriminals who steal credit cards to drain funds from Americans’ bank accounts. But the new report indicates that not all Russian hackers are motivated solely by money, and instead some are using their hacking skills to help the Russian government collect sensitive information on their adversaries.
The report comes after investigators in the United States have attributed a string of recent cyberattacks against America's major retailers and banks to hackers in Russia. Security experts have said Russian cybercriminals were likely behind last year's Target hack, which exposed credit card data belonging to 40 million customers, although they have not said the hackers were working directly for the Russian government.
In addition, investigators looking into recent cyberattacks at JPMorgan and nine other financial institutions believe the hackers may have "loose connections" with officials in the Russian government, according to The New York Times, which cited people briefed on the investigation.
The hackers' motives in the bank attacks are unclear. But JPMorgan had received criticism earlier this year from Russian officials for blocking a payment from the Russian embassy, and the FBI is investigating whether the hacking was in retaliation for recent U.S. sanctions against the country, according to Bloomberg News.