In
a statement released on Wednesday, the U.S. National Security
Agency, the FBI and cyber watchdog agency CISA accused the
hackers, sometimes known as Cozy Bear or APT29, of trying to
hijack the servers in a bid to access software developers'
source code, something that could potentially allow them to
tamper with its compilation or deployment.
A similar technique was used to doctor software made by the U.S.
software firm SolarWinds, the statement noted. That
cyberespionage campaign led to a wave of serious breaches across
the government that were discovered in 2019.
Russian officials did not immediately return a message seeking
comment. Moscow has previously denied hacking allegations.
In a statement, Prague-based JetBrains said it had fixed the
vulnerability affecting its TeamCity collaborative software
building tool in September and had been contacting its customers
since in the hope of "motivating them to update."
It said fewer than 2% of TeamCity instances still used unpatched
software.
Programs like TeamCity - which help manage other companies'
software building process - can potentially make for ideal
springboards for hackers looking to break into many different
targets at once.
Securing that kind of sweeping access has been a key priority
for APT29, which is alleged by Western officials and private
cybersecurity companies to act on behalf of Russia's foreign
intelligence agency, the SVR, and is generally considered one of
the country's elite hacking groups.
The U.S. statement said the U.S. and its allies had identified
"a few dozen compromised companies" in the United States,
Europe, Asia, and Australia. It said the companies had little in
common except that they had outdated and vulnerable versions of
JetBrains exposed to the internet, suggesting the hacks were
"opportunistic in nature and not necessarily a targeted attack."
The statement was co-signed by Britain's National Cyber Security
Centre as well as Poland's Military Counterintelligence Service
and its Computer Emergency Response Team.
(Reporting by Raphael Satter; Editing by Jonathan Oatis, Daniel
Wallis and Sandra Maler)
[© 2023 Thomson Reuters. All rights
reserved.]
Copyright 2022 Reuters. All rights reserved. This material may
not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|