London Daily

Focus on the big picture.
Wednesday, Sep 24, 2025

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

The United States and Britain are sounding another alarm about Russian activity in cyberspace, accusing the Kremlin of repeatedly trying to smash its way into the critical systems of government agencies, defense contractors, universities and even political parties. 
A joint advisory Thursday from the U.S. National Security Agency (NSA) and Britain's National Cyber Security Center said Russian military intelligence, the GRU, has been carrying out a "brute force" campaign since 2019 — getting hold of credentials, such as email logins, and then repeatedly guessing passwords until the hackers can gain entry. 

"After gaining remote access, many well-known tactics, techniques, and procedures (TTPs) are combined to move laterally, evade defenses, and collect additional information within target networks," the advisory said.   

The advisory noted that Russia's GRU has successfully targeted hundreds of U.S. and foreign organizations, as well as various U.S. government agencies, such as the Department of Defense. 

The Russians "directed a significant amount of this activity at organizations using Microsoft Office 365 cloud services; however, they also targeted other service providers & on-premises email servers," according to the advisory. "These efforts are almost certainly still ongoing." 

Elements of the campaign have previously been attributed to the Russian cyber actors known as Fancy Bear, APT28 or Strontium, but the NSA said Thursday that it felt compelled to share additional information on the attacks given the size of the ongoing operations.

"While the brute force techniques are not new, the distributed, highly scalable and anonymized nature of this brute forcing infrastructure highlights a persistent and increasing threat to the community," the agency told VOA in a statement.

U.S. officials urged agencies and organizations to take basic precautions as a first step in fighting back. 

"You can counter it by using strong authentication measures," NSA Cybersecurity Director Rob Joyce tweeted Thursday. "Adding multi-factor authentication will go a long way in remediating the threat." 

The NSA said other precautions, including time-out and lock-out features, could also help slow brute-force attacks and even "render them infeasible."

The brute-force attack advisory follows a string of high-profile hacks and ransomware attacks, including the December hack of SolarWinds, a U.S.-based software management company, which exposed as many as 18,000 customers to Russian hackers, and the May 7 ransomware attack against Colonial Pipeline, the largest fuel pipeline operator in the U.S. 

U.S. intelligence agencies have said the SolarWinds hack was part of a Russian operation, although cybersecurity experts say it was carried out by Russia's foreign intelligence service and not the GRU. 

U.S. officials have blamed the GRU for targeting the Democratic National Committee during the 2016 elections and the pharmaceutical companies developing vaccines against the coronavirus. 

"This is a good reminder that the GRU remains a looming threat," John Hultquist, vice president of analysis at the cybersecurity firm Mandiant Threat Intelligence, said in a statement Thursday. 

Hultquist added that the advisory was "especially important given the coming Olympics, an event they may well attempt to disrupt." But he also warned that "despite our best efforts, we are very unlikely to ever stop Moscow from spying."    

Some U.S. lawmakers have called for mandatory reporting requirements for companies hit by major hacks, ransomware attacks and other types of breaches, saying it will help the government respond more effectively to cyber intrusions. 

The nation's new cyber director, Chris Inglis, has also warned that although too many malign actors are operating with impunity in cyberspace, many private sector companies have likewise failed to take the necessary precautions. 

"It may well be we need to step in and we need to regulate or mandate in the same way we've done that for the aviation industry or the automobile industry," Inglis told lawmakers during his confirmation hearing last month. 
Newsletter

Related Articles

0:00
0:00
Close
Typhoon Ragasa Leaves Trail of Destruction Across East Asia Before Making Landfall in China
The Personality Rights Challenge in India’s AI Era
Big Banks Rebuild in Hong Kong as Deal Volume Surges
Italy Considers Freezing Retirement Age at 67 to Avert Scheduled Hike
Italian City to Impose Tax on Visiting Dogs Starting in 2026
Arnault Denounces Proposed Wealth Tax as Threat to French Economy
Study Finds No Safe Level of Alcohol for Dementia Risk
Denmark Investigates Drone Incursion, Does Not Rule Out Russian Involvement
Lilly CEO Warns UK Is ‘Worst Country in Europe’ for Drug Prices, Pulls Back Investment
Nigel Farage Emerges as Central Force in British Politics with Reform UK Surge
Disney Reinstates ‘Jimmy Kimmel Live!’ after Six-Day Suspension over Charlie Kirk Comments
U.S. Prosecutors Move to Break Up Google’s Advertising Monopoly
Nvidia Pledges Up to $100 Billion Investment in OpenAI to Power Massive AI Data Center Build-Out
U.S. Signals ‘Large and Forceful’ Support for Argentina Amid Market Turmoil
Nvidia and Abu Dhabi’s TII Launch First AI-&-Robotics Lab in the Middle East
Vietnam Faces Up to $25 Billion Export Loss as U.S. Tariffs Bite
Europe Signals Stronger Support for Taiwan at Major Taipei Defence Show
Indonesia Court Upholds Military Law Amid Concerns Over Expanded Civilian Role
Larry Ellison, Michael Dell and Rupert Murdoch Join Trump-Backed Bid to Take Over TikTok
Trump and Musk Reunite Publicly for First Time Since Fallout at Kirk Memorial
Vietnam Closes 86 Million Untouched Bank Accounts Over Biometric ID Rules
Explosive Email Shows Sarah Ferguson Begged Forgiveness from Jeffrey Epstein After Taking His Money
Corrupt UK Politician Ed Davey Demands Elon Musk’s Arrest for Supporting Democracy
UK, Canada, and Australia Officially Recognise Palestine in Historic Shift
Alibaba Debuts Open-Source Deep Research Agent with Benchmarks Rivaling OpenAI
Marcos Faces Legacy-Defining Crisis as Flood Projects Scandal Sparks Massive Tide of Protests
China’s Micro-Drama Boom Turns Stalled Real Estate Projects into Lavish Film Sets
New Eye Drops Show Promise in Replacing Reading Glasses for Presbyopia
'Company Got 5,189 H-1B Visas, Then Laid Off 16,000 Americans': US Defends New $100,000 H-1B Visa Fee
Golf legend tells Omar she should be 'sent back to Somalia' after her Kirk comments
EU Set to Bar Big Tech from New Financial Data Access Scheme
China Bans Livestreaming and AI in Religion Amid Crackdown on Shaolin Temple Scandal
Documents Reveal Mandelson Failed to Declare Epstein-Funded Flights as MP in 2003
Dubai Property Boom Shows Strain as Flippers Get Buyer’s Remorse
Harris Memoir Sparks Backlash from Democrats for Blunt Critiques in ‘107 Days’
Germany Weighs Excluding France from Key European Fighter Jet Programme
Cyberattack Disrupts Check-in and Boarding Systems at Major European Airports
Japan’s ‘Death-Tainted’ Homes Gain Appeal as Prices Soar in Tokyo
Massive Attack Withdraws from Spotify Over Daniel Ek’s €600M Defence-AI Investment
Björn Borg Breaks Silence: Memoir Reveals Addiction, Shame and Cancer Battle
When Extremism Hijacks Idealism: How the Baader-Meinhof Gang Emerged and Fell
Top AI Researchers Are Heading Back to China as U.S. Struggles to Keep Pace
JWST Data Brings TRAPPIST-1e Closer to Earth-Like Habitability
Trump Orders Third Lethal Strike on Drug-Trafficking Vessel as U.S. Expands Maritime Counter-Narcotics Operations
Trump Orders $100,000 Fee on H-1B Visas and Launches ‘Gold Card’ Immigration Pathway
Why Google Search Is Fading and AI Is Taking Its Place
UAE-US Stargate Project Poised to Make Abu Dhabi a Global AI Powerhouse
Federal Judge Dismisses Trump’s Fifteen-Billion-Dollar Suit Against New York Times, Orders Refile
France’s Looming Budget Crisis and Political Fracture Raise Fears of Becoming Europe’s “Sick Man”
Three Russian MiG-31 Jets Breach Estonian Airspace in ‘Unprecedentedly Brazen’ NATO Incident
×