iTnews Asia

Cyber agencies find espionage infrastructure in 50-plus countries

Russian attack tool infrastructure laid bare.

By Richard Chirgwin on May 10, 2023 12:02PM

Nine cyber security agencies in five countries including Australia have issued a warning against an implant they’ve dubbed Snake, and attributed to Russia’s FSB security service.

It’s not the first time Snake has made the news: the malware has been known to threat-hunters since at least 2014, when Kaspersky discussed it at Black Hat.

In a post detailing the espionage tool, America’s Cybersecurity and Infrastructure Security Agency (CISA) laid bare Snake’s international peer-to-peer network of infected computers, and provided a detailed description of its architecture.

“Many systems in this P2P network serve as relay nodes which route disguised operational traffic to and from Snake implants on the FSB’s ultimate targets,” CISA said.

“Snake’s custom communications protocols employ encryption and fragmentation for confidentiality and are designed to hamper detection and collection efforts.”

Infrastructure has been found in 50 countries in North America, South America, Europe, Africa, Asia, and Australia, as well as Russia.

CISA identified government networks, research facilities and journalists as targets, and Snake has been used to “exfiltrate sensitive international relations documents, as well as other diplomatic communications” from a NATO member.

Victim organisations in North America included education, media organisations, and a range of critical infrastructure operators.

Calling Snake the “most sophisticated cyber espionage tool in the FSB’s arsenal”, CISA said it has a “rare level of stealth” both in infected hosts and network communications, with an internal structure designed for easy incorporation of new or replacement components.

It’s a cross-platform system, CISA said, with variants for Windows, macOS and Linux.

The agencies behind the advisory are the FBI, National Security Agency, CISA and the Cyber National Mission Force from the USA; the UK’s National Cyber Security Centre; Canada’s Centre for Cyber Security and Communications Security Establishment; the Australian Cyber Security Centre; and New Zealand’s National Cyber Security Centre.
