Good news: Microsoft is about to roll out a patch for a security vulnerability present in every version of Windows except XP. Bad news: a gang of Russian hackers, most likely working for Moscow, has been exploiting it to spy on various targets - including the Ukrainians and NATO - for the past five years.
The Washington Post reports on the exploits of a group dubbed "SandWorm" (yes, sci-fi fans, it's a reference to "Dune"):
The group has been active since at least 2009, according to research by iSight Partners, a cybersecurity firm. Its targets in the recent campaign also included a Polish energy firm, a Western European government agency and a French telecommunications firm.
“This is consistent with espionage activity,” said iSight Senior Director Stephen Ward. “All indicators from a targeting and lures perspective would indicate espionage with Russian national interests.”
There is no indication that the group was behind a recent spate of intrusions into U.S. banks, including JPMorgan Chase, Ward said.
Current and former U.S. intelligence officials say the capabilities of Russian hackers are on par with those of the United States and Israel.
“It’s possible they’ve become more active in response to the Ukrainian situation,” said a former intelligence official. “And when you become more active, you increase your likelihood of getting caught.”