The U.S. government has a message for just about everyone with a computer: Russia is still using some of the oldest tricks in the hacker book to break into your systems.
The Russian military intelligence is continuing its worldwide hacking campaigns, the National Security Agency announced Thursday, including "brute force" campaigns — a classic hacking technique that automates possible username or password combinations until the hacker gets access to a computer network.
The warning is not particularly unique, but stands out for the cross-nation coordination and timing. In a joint advisory with several other federal agencies and the United Kingdom, the NSA declared that a unit within Russia's GRU agency, responsible for some of the most prolific and impactful hacking attacks in history, has been behind a campaign to access "hundreds of government and private sector targets worldwide" since 2019.
The announcement comes with just three weeks before the Olympic Games are set to begin in Japan — an event in which many Russian athletes will be forced to compete as independents, as punishment for the country's prior doping scandals.
The GRU campaign went after the government, military, political parties, defense contractors, energy companies, universities, law firms and media outlets, it said.
While intelligence agencies around the world routinely hack targets for the sake of gathering information, the GRU has infamously taken the extra step of sometimes dumping its stolen material. In 2016, after hacking Democratic Party networks, it published some of the files and gave others to WikiLeaks, in an effort to damage Hillary Clinton's candidacy against Donald Trump.
After Russia was banned from the 2016 Rio de Janeiro Olympics over its athletes systematically doping, the GRU also hacked and released medical information on U.S. athletes ahead of the games.
The activity the NSA warned about Thursday appears to be merely traditional espionage, said John Hultquist, the vice president of threat intelligence at the cybersecurity company Mandiant.
"They've still got a regular, classic espionage mission they're constantly on," he said. "It's important to remember no matter what steps we take on these actors, this mission will never go away. It'll always be out there."
While hacking to gather intelligence is broadly considered fair game for major cyber powers — and a central part of the NSA's own mission — the Biden administration has drawn some red lines over the types of campaigns it finds irresponsible.
In April, the administration formally blamed another Russian agency, the SVR, for masterminding an extraordinarily broad cyberespionage campaign last year. By hacking a small company that provided remote services to hundreds of thousands of companies and agencies around the world, the agency went beyond the pale, the White House said.
Similarly, the White House is set to blame China for how it handled its hack of the email program Microsoft Exchange, White House deputy national security adviser Anne Neuberger said in a talk Tuesday. While discovering and using a flaw in a program to gather intelligence is routine, a number of other hackers quickly learned of the vulnerability before Microsoft could fix it, leading to worries that China's elite hackers could be responsible for leaking the vulnerability they had discovered.