Hacking team tied to Russia targeted 'western govt entity' in Ukraine: Researchers

The Palo Alto Networks report called the hacking group responsible "Gamaredon", saying it is an active threat to Ukraine. PHOTO: REUTERS

KYIV (REUTERS) - A hacking team that Ukraine says is controlled by Russian intelligence targeted a "western government entity" currently in the country, based on new research published by Palo Alto Networks on Thursday (Feb 3).

The United States and other allies sent military advisers and cyber-security experts to Ukraine in recent months to help defend against Russian forces.

The Palo Alto Networks report does not name the targeted entity and a company representative declined to comment further.

Palo Alto Networks said it was able to track the Russian hacking mission by analysing a maze of different malicious web domains designed to infect Ukrainian computers with malware.

Russia has amassed more than 100,000 troops along the border with Ukraine, prompting fears of war. Although denying it plans an invasion, Russia is demanding sweeping security guarantees including a promise North Atlantic Treaty Organisation (Nato) never admit Ukraine.

Palo Alto Networks called the hacking group responsible "Gamaredon". In November, Ukrainian security services publicly attributed Gamaredon to a team of Russian Federal Security Service officers based in Crimea. The Russian Embassy in Washington did not immediately reply to a request for comment about Gameredon.

"They were officers of the 'Crimean' FSB, as well as traitors who sided with the enemy during the occupation of the peninsula in 2014," Ukraine's security service said in a November news release, publicising leaked audio of the hackers.

Also known as Primitive Bear by security researchers, Gamaredon is one of the most "active existing advanced persistent threats targeting Ukraine," the report said.

"Given the steps and precision delivery involved in this campaign, it appears this may have been a specific, deliberate attempt" to target a "Western government organisation", a Palo Alto Networks spokesperson said in a statement.

A Nato spokesman did not immediately respond to a request for comment.

Russia could use cyber attacks as part of its efforts to destabilise and further invade Ukraine, White House cyber official Anne Neuberger said on Wednesday, during a visit to her European counterparts.

Ms Neuberger's visit came just weeks after a different cyber attack against Ukrainian government websites left a warning to visitors: "Be afraid and expect the worst."

Join ST's Telegram channel and get the latest breaking news delivered to you.