The U.S. National Security Agency and Federal Bureau of Investigation announced on Thursday that they had uncovered an advanced Russian hacking tool, according to a rare public report giving new details about the Russian arsenal of digital weapons.
The NSA and FBI said that the GRU, Russia’s Main Intelligence Directorate, was using a hacking tool code-named “Drovorub” to break into Linux-based computers. Linux is commonly used as the operating system for computer server infrastructure.
Keppel Wood, chief operations officer in the NSA’s Cybersecurity Directorate, told Reuters: “Linux systems are used pervasively throughout National Security Systems, the Department of Defense, and the Defense Industrial Base – as well as the larger cybersecurity community writ large,” adding that “the malware has the potential to have a widespread impact if network defenders don’t take action against it”.
The public accusation is one of a kind, said a former Western intelligence official, since the U.S. agencies directly assign responsibility. The NSA and FBI linked Drovorub to the 85th Main Special Service Center (GTsSS), military unit 26165, a very specific Russian intelligence team.
The GTsSS, according to the agencies, is connected with the group of hackers who targeted the Democratic National Committee in 2016.
Steve Grobman, chief technology officer for cybersecurity company McAfee, said: “Drovorub is a ‘Swiss Army knife’ of capabilities that allows the attacker to perform many different functions, such as stealing files and remote-controlling the victim’s computer”.
The 45-page NSA/FBI report is one of the latest in a series of public accusations by the U.S. government directed at possible Russian hacking operations before the 2020 U.S. presidential election. The report did not specify which kinds of organizations had been targeted with Drovorub.
Keppel Wood (NSA) said: “NSA is sharing this information to counter the capabilities of the GRU GTsSS, which continues to threaten the United States and its allies”. According to Reuters, the FBI did not immediately respond to a request for comment.