A Thursday report from The Intercept claimed that Russian hackers infiltrated an Austin, Texas, network and remained there since at least mid-October. The news comes in the wake of an ABC News report that claimed that Kremlin hackers breached multiple United States government computer networks. which the FBI is reportedly in the process of assessing for damage.
According to The Intercept , the Austin hack could “theoretically” give the Russians access to data on elections, politics, and city governance. The culprit is allegedly Berserk Bear, a team that reportedly used the Austin breach as a jump-off for additional cyberattacks.
Along with another cyberterrorist group, known as both APT29 and Cozy Bear, Berserk Bear is known for infiltrating networks and quietly monitoring them for months to gather intelligence on its targets. The latter —which is also known as Dragonfly, Crouching Yeti, and BROMINE — is allegedly believed to be behind various breachings of American government infrastructure over the last year.
John Scott-Railton, a senior researcher at Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy, spoke to The Intercept about the attack and was not surprised that Austin was used to drive other cyberattacks.
“It’s not surprising that hackers, when they find an unsecured server that is in the country that they’re targeting, use that as a jumping off point for lots of other things.”
A spokesperson for the city of Austin told the publication it is aware of the attack but not allowed to reveal information on any active criminal investigations.
The recent hack comes not long after Donald Trump fired Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency. The move was due to Krebs’ refusal to support his claims of interference in the 2020 U.S. presidential election.
In response to the recent attacks by APT29, President-elect Joe Biden issued a statement on the issue.
“I have instructed my team to learn as much as we can about this breach, and Vice President-elect Harris and I are grateful to the career public servants who have briefed our team on their findings, and who are working around-the-clock to respond to this attack.”
Former National Security Agency staffer Reality Winner was imprisoned for releasing intelligence that showed the extent of Russia’s alleged meddling in the 2016 presidential elections. The intelligence revealed that the hackers used spear phishing to attempt to infiltrate American election software firms — the same tactic used by Kremlin hackers to enter prominent Democrat John Podesta’s email account.