London Daily

Focus on the big picture.
Thursday, Sep 04, 2025

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

The United States and Britain are sounding another alarm about Russian activity in cyberspace, accusing the Kremlin of repeatedly trying to smash its way into the critical systems of government agencies, defense contractors, universities and even political parties. 
A joint advisory Thursday from the U.S. National Security Agency (NSA) and Britain's National Cyber Security Center said Russian military intelligence, the GRU, has been carrying out a "brute force" campaign since 2019 — getting hold of credentials, such as email logins, and then repeatedly guessing passwords until the hackers can gain entry. 

"After gaining remote access, many well-known tactics, techniques, and procedures (TTPs) are combined to move laterally, evade defenses, and collect additional information within target networks," the advisory said.   

The advisory noted that Russia's GRU has successfully targeted hundreds of U.S. and foreign organizations, as well as various U.S. government agencies, such as the Department of Defense. 

The Russians "directed a significant amount of this activity at organizations using Microsoft Office 365 cloud services; however, they also targeted other service providers & on-premises email servers," according to the advisory. "These efforts are almost certainly still ongoing." 

Elements of the campaign have previously been attributed to the Russian cyber actors known as Fancy Bear, APT28 or Strontium, but the NSA said Thursday that it felt compelled to share additional information on the attacks given the size of the ongoing operations.

"While the brute force techniques are not new, the distributed, highly scalable and anonymized nature of this brute forcing infrastructure highlights a persistent and increasing threat to the community," the agency told VOA in a statement.

U.S. officials urged agencies and organizations to take basic precautions as a first step in fighting back. 

"You can counter it by using strong authentication measures," NSA Cybersecurity Director Rob Joyce tweeted Thursday. "Adding multi-factor authentication will go a long way in remediating the threat." 

The NSA said other precautions, including time-out and lock-out features, could also help slow brute-force attacks and even "render them infeasible."

The brute-force attack advisory follows a string of high-profile hacks and ransomware attacks, including the December hack of SolarWinds, a U.S.-based software management company, which exposed as many as 18,000 customers to Russian hackers, and the May 7 ransomware attack against Colonial Pipeline, the largest fuel pipeline operator in the U.S. 

U.S. intelligence agencies have said the SolarWinds hack was part of a Russian operation, although cybersecurity experts say it was carried out by Russia's foreign intelligence service and not the GRU. 

U.S. officials have blamed the GRU for targeting the Democratic National Committee during the 2016 elections and the pharmaceutical companies developing vaccines against the coronavirus. 

"This is a good reminder that the GRU remains a looming threat," John Hultquist, vice president of analysis at the cybersecurity firm Mandiant Threat Intelligence, said in a statement Thursday. 

Hultquist added that the advisory was "especially important given the coming Olympics, an event they may well attempt to disrupt." But he also warned that "despite our best efforts, we are very unlikely to ever stop Moscow from spying."    

Some U.S. lawmakers have called for mandatory reporting requirements for companies hit by major hacks, ransomware attacks and other types of breaches, saying it will help the government respond more effectively to cyber intrusions. 

The nation's new cyber director, Chris Inglis, has also warned that although too many malign actors are operating with impunity in cyberspace, many private sector companies have likewise failed to take the necessary precautions. 

"It may well be we need to step in and we need to regulate or mandate in the same way we've done that for the aviation industry or the automobile industry," Inglis told lawmakers during his confirmation hearing last month. 
Newsletter

Related Articles

0:00
0:00
Close
Putin Celebrates ‘Unprecedentedly High’ Ties with China as Gazprom Seals Power of Siberia-2 Deal
China Unveils New Weapons in Grand Military Parade as Xi Hosts Putin and Kim
Queen Camilla’s Teenage Courage: Fended Off Attempted Assault on London Train, New Biography Reveals
Scottish Brothers Set Record in Historic Pacific Row
Rapper Cardi B Cleared of Liability in Los Angeles Civil Assault Trial
Google Avoids Break-Up in U.S. Antitrust Case as Stocks Rise
Couple celebrates 80th wedding anniversary at assisted living facility in Lancaster
Information Warfare in the Age of AI: How Language Models Become Targets and Tools
The White House on LinkedIn Has Changed Their Profile Picture to Donald Trump
"Insulted the Prophet Muhammad": Woman Burned Alive by Angry Mob in Niger State, Nigeria
Trump Responds to Death Rumors – Announces 'Missile City'
Court of Appeal Allows Asylum Seekers to Remain at Essex Hotel Amid Local Tax Boycott Threats
Germany in Turmoil: Ukrainian Teenage Girl Pushed to Death by Illegal Iraqi Migrant
United Krack down on human rights: Graham Linehan Arrested at Heathrow Over Three X Posts, Hospitalised, Released on Bail with Posting Ban
Asian and Middle Eastern Investors Avoid US Markets
Ray Dalio Warns of US Shift to Autocracy
Eurozone Inflation Rises to 2.1% in August
Russia and China Sign New Gas Pipeline Deal
China's Robotics Industry Fuels Export Surge
Suntory Chairman Resigns After Police Probe
Gold Price Hits New All-Time Record
Von der Leyen's Plane Hit by Suspected Russian GPS Interference in an Incident Believed to Be Caused by Russia or by Pro-Peace or by Anti-Corruption European Activists
UK Fintechs Explore Buying US Banks
Greece Suspends 5% of Schools as Birth Rate Drops
Apollo to Launch $5 Billion Sports Investment Vehicle
Bolsonaro Trial Nears Close Amid US-Brazil Tension
European Banks Push for Lower Cross-Border Barriers
Poland's Offshore Wind Sector Attracts Investors
Nvidia Reveals: Two Mystery Customers Account for About 40% of Revenue
Woody Allen: "I Would Be Happy to Direct Trump Again in a Film"
Pickles are the latest craze among Generation Z in the United States.
Deadline Day Delivers Record £125m Isak Move and Donnarumma to City
Nestlé Removes CEO Laurent Freixe Following Undisclosed Relationship with Subordinate
Giuliani Seriously Injured in Accident – Trump to Award Him the Presidential Medal of Freedom
EU is getting aggressive: Four AfD Candidates Die Unexpectedly Ahead of North Rhine-Westphalia Local Elections
Lula and Putin Hold Strategic BRICS Discussions Ahead of Trump–Putin Summit
WhatsApp is rolling out a feature that looks a lot like Telegram.
Investigations Reveal Rise in ‘Sex-for-Rent’ Listings Across Canada Exploiting Vulnerable Tenants
Chinese and Indian Leaders Pursue Amity Amid Global Shifts
European Union Plans for Ukraine Deployment
ECB Warns Against Inflation Complacency
Concerns Over North Cyprus Casino Development
Shipping Companies Look Beyond Chinese Finance
Rural Exodus Fueling European Wildfires
China Hosts Major Security Meeting
Chinese Police Successfully Recover Family's Savings from Livestream Purchases
Germany Marks a Decade Since Migrant Wave with Divisions, Success Stories, and Political Shifts
Liverpool Defeat Arsenal 1–0 with Szoboszlai Free-Kick to Stay Top of Premier League
Prince Harry and King Charles to Meet in First Reunion After 20 Months
Chinese Stock Market Rally Fueled by Domestic Investors
×