FBI, CISA: Russian Cyber Actor Targets U.S. State, Local Gov’t Networks

FBI, CISA: Russian Cyber Actor Targets U.S. State, Local Gov’t Networks
Cyber Attack

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have reported about a Russian state-sponsored cyber actor that has attacked non-federal government and aviation networks. 

Various state, local, territorial and tribal government bodies within the U.S. have experienced cyber threats from Russia-based actors identified with the names “Berserk Bear,” “Energetic Bear,” “Crouching Yeti,” "Koala," "TeamSpy," “Dragonfly,” and “Havex," CISA said Thursday.

The attacks may have started in September 2020, with at least two unauthorized data extrusions as of Oct. 1. The cyber actor steals credentials to access networks and exfiltrate high-value asset data. 

Illicitly accessed information includes critical network passwords, procurement information and standard operating procedures. FBI and CISA have not identified cases of this actor targeting the upcoming U.S. elections, but will continue to surveil for such. 

The list of internet protocol addresses used by the actor can be found here.

You may also be interested in...

Bruce Caswell

Maximus Reports Q4 FY 2020 Results; Bruce Caswell Quoted

Maximus has reported financial results for the fourth quarter and full year, which ended Sept. 30, 2020. for fiscal 2020, revenue increased to $3.46 billion compared to $2.89 billion reported for the same period last year. Maximus reported organic growth of 15.7 percent in fiscal 2020, or 4.6 percent excluding the Census contract.