Russian spies accused of interfering within the 2016 U.S. presidential election have spent much of the past two years abusing virtual private networks (VPNs) to focus on many organizations worldwide, U.S. and British authorities said on Thursday.
The governments said during a joint advisory that Unit 26165, the arm of Russia’s military spy agency whose officers were indicted for allegedly breaking into Democratic Party emails, had been using VPNs and Tor – a privacy-focused network – to conduct “widespread, distributed, and anonymized brute force access attempts against many government and personal sector targets.”
The advisory didn’t identify any of the targets by name, saying only that they were mainly within the us and Europe and included government offices, political parties, energy companies, law firms and media organizations.
The Russian Embassy in Washington didn’t immediately return a message seeking comment. Russian officials routinely reject allegations that they employ hackers to spy on rival nations.
Unit 26165 first came into the general public eye in mid-2018, when a dozen members were indicted during special counsel Robert Mueller’s investigation into Russian interference within the election that brought former president Donald Trump to power. More members of the unit were indicted later that year for allegedly hacking international anti-doping officials.
The unit has regularly made the news since. Last year it had been called out by U.S. officials for allegedly using malicious software to interrupt into Linux systems.
Thursday’s joint advisory was released by the U.S. National Security Agency, the Department of Homeland Security’s cyber arm, the Federal Bureau of Investigation and therefore the British National Cyber Security Centre.
Spy agencies within the us and Britain are increasingly vocal about calling out foreign hacking, especially when it allegedly originates from Russia or China.