London Daily

Focus on the big picture.
Sunday, Jul 06, 2025

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

US, Britain Warn of Russian ‘Brute Force’ Cyber Campaign

The United States and Britain are sounding another alarm about Russian activity in cyberspace, accusing the Kremlin of repeatedly trying to smash its way into the critical systems of government agencies, defense contractors, universities and even political parties. 
A joint advisory Thursday from the U.S. National Security Agency (NSA) and Britain's National Cyber Security Center said Russian military intelligence, the GRU, has been carrying out a "brute force" campaign since 2019 — getting hold of credentials, such as email logins, and then repeatedly guessing passwords until the hackers can gain entry. 

"After gaining remote access, many well-known tactics, techniques, and procedures (TTPs) are combined to move laterally, evade defenses, and collect additional information within target networks," the advisory said.   

The advisory noted that Russia's GRU has successfully targeted hundreds of U.S. and foreign organizations, as well as various U.S. government agencies, such as the Department of Defense. 

The Russians "directed a significant amount of this activity at organizations using Microsoft Office 365 cloud services; however, they also targeted other service providers & on-premises email servers," according to the advisory. "These efforts are almost certainly still ongoing." 

Elements of the campaign have previously been attributed to the Russian cyber actors known as Fancy Bear, APT28 or Strontium, but the NSA said Thursday that it felt compelled to share additional information on the attacks given the size of the ongoing operations.

"While the brute force techniques are not new, the distributed, highly scalable and anonymized nature of this brute forcing infrastructure highlights a persistent and increasing threat to the community," the agency told VOA in a statement.

U.S. officials urged agencies and organizations to take basic precautions as a first step in fighting back. 

"You can counter it by using strong authentication measures," NSA Cybersecurity Director Rob Joyce tweeted Thursday. "Adding multi-factor authentication will go a long way in remediating the threat." 

The NSA said other precautions, including time-out and lock-out features, could also help slow brute-force attacks and even "render them infeasible."

The brute-force attack advisory follows a string of high-profile hacks and ransomware attacks, including the December hack of SolarWinds, a U.S.-based software management company, which exposed as many as 18,000 customers to Russian hackers, and the May 7 ransomware attack against Colonial Pipeline, the largest fuel pipeline operator in the U.S. 

U.S. intelligence agencies have said the SolarWinds hack was part of a Russian operation, although cybersecurity experts say it was carried out by Russia's foreign intelligence service and not the GRU. 

U.S. officials have blamed the GRU for targeting the Democratic National Committee during the 2016 elections and the pharmaceutical companies developing vaccines against the coronavirus. 

"This is a good reminder that the GRU remains a looming threat," John Hultquist, vice president of analysis at the cybersecurity firm Mandiant Threat Intelligence, said in a statement Thursday. 

Hultquist added that the advisory was "especially important given the coming Olympics, an event they may well attempt to disrupt." But he also warned that "despite our best efforts, we are very unlikely to ever stop Moscow from spying."    

Some U.S. lawmakers have called for mandatory reporting requirements for companies hit by major hacks, ransomware attacks and other types of breaches, saying it will help the government respond more effectively to cyber intrusions. 

The nation's new cyber director, Chris Inglis, has also warned that although too many malign actors are operating with impunity in cyberspace, many private sector companies have likewise failed to take the necessary precautions. 

"It may well be we need to step in and we need to regulate or mandate in the same way we've done that for the aviation industry or the automobile industry," Inglis told lawmakers during his confirmation hearing last month. 
Newsletter

Related Articles

0:00
0:00
Close
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
London Stock Exchange Faces Historic Low in Initial Public Offerings
A new online platform has emerged in the United Kingdom, specifically targeting Muslim men seeking virgin brides
Trump Celebrates Independence Day with B-2 Flyover and Signs Controversial Legislation
Boris Johnson Urges Conservatives to Ignore Farage
SNP Ordered to Update Single-Sex Space Guidance Within Days
Starmer Set to Reject Calls for Wealth Taxes
Stolen Century-Old Rolls-Royce Recovered After Hotel Theft
Macron Presses Starmer to Recognise Palestinian State
Labour Delayed Palestine Action Ban Over Riot Concerns
Swinney’s Tax Comments ‘Offensive to Scots’, Say Tories
High Street Retailers to Enforce Bans on Serial Shoplifters
Music Banned by Henry VIII to Be Performed After 500 Years
Steve Coogan Says Working Class Is Being ‘Ethnically Cleansed’
Home Office Admits Uncertainty Over Visa Overstayer Numbers
JD Vance Questions Mandelson Over Reform Party’s Rising Popularity
Macron to Receive Windsor Carriage Ride in Royal Gesture
Labour Accused of ‘Hammering’ Scots During First Year in Power
BBC Head of Music Stood Down Amid Bob Vylan Controversy
Corbyn Eyes Hard-Left Challenge to Starmer’s Leadership
London Tube Trains Suspended After Major Fire Erupts Nearby
Richard Kemp: I Felt Safer in Israel Under Attack Than in the UK
Cyclist Says Police Cited Human Rights Act for Riding No-Handed
China’s Central Bank Consults European Peers on Low-Rate Strategies
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Musk Battles to Protect Tesla Amid Trump Policy Threats
Air France-KLM Acquires Majority Stake in Scandinavian Airlines
UK Educators Sound Alarm on Declining Child Literacy
Shein Fined €40 Million in France Over Misleading Discounts
Brazil’s Lula Visits Kirchner During Argentina House Arrest
Trump Scores Legislative Win as House Passes Tax Reform Bill
Keir Starmer Faces Criticism After Rocky First Year in Power
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
Poland Implements Border Checks Amid Growing Migration Tensions
Political Dispute Escalates Between Trump and Musk
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
US Senate Votes to Remove AI Regulation Moratorium from Domestic Policy Bill
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
Jury Deliberations in Diddy Trial Yield Partial Verdict in Serious Criminal Charges
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
King Charles Plans Significant Role for Prince Harry in Coronation
Two Chinese Nationals Arrested for Espionage Activities Against U.S. Navy
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
×