The search engine Yandex, often referred to as Russia's Google, was the target of a cyberattack that occurred late last year which was orchestrated by hackers working for Western intelligence agencies.
The hackers deployed a rare type of malware, called Reign, in an attempt to spy on user accounts according to a new report from Reuters who spoke with four people familiar with the incident. This particular strain of malware is known to be used by the Five Eyes nations as a result of Edward Snowden leaking classified NSA documents.
While cyberattacks against Western organizations and governments receive a great deal of media attention, similar attacks against Russia are rarely acknowledged or discussed openly in public.
- Five Eyes nations want access to your encrypted communications data
- Google and VPN services could be fined $77k by Russia
- Web browser you've never heard of adds cutting-edge security feature
Those familiar with the incident were able to determine that one of the Five Eyes nations orchestrated the cyberattack but they remain unsure as to whether the US, the UK, Australia, New Zealand or Canada was responsible.
The security breach of Yandex took place between October and November of 2018 and the hackers were able to covertly maintain their access to the company's systems for at least several weeks before they were ultimately detected.
Reuter's sources said that the hackers were searching for technical information that could explain how the Russian company authenticates user accounts. This information could be leveraged by a spy agency to impersonate a Yandex user and access their private messages.
However, the hack of Yandex's research and development unit was an espionage operation as opposed to one aimed at disrupting the company's business or stealing its intellectual property.
Now that the news of the cyberattack on its company is out, Yandex has responded in a press release in which it reassured its users that no customer data was affected by the breach, saying:
“Cyber attacks are a common occurrence throughout the world. This particular attack was detected at an early stage by the Yandex security team. It was fully neutralized before any damage to Yandex customers' data was done. At this point in time we are not disclosing any further details about the attack. The Yandex security team’s response ensured that no user data was compromised by the attack.
“Ensuring the security of user data is of critical importance to us. Following the attempted attack, we took the necessary measures to ensure that we would not be susceptible to such an attack in the future. We continue to employ all relevant cyber defense tools and also cooperate with leading third-party experts and providers to protect our users' privacy.”
- Keep your systems protected from the latest cyber threats with the best antivirus of 2019