Snake – Russia’s most advanced cyber espionage tool and why it is so dangerous

Snake is a cyber espionage tool deployed by Russia’s Federal Security Service. (Representative image)

Robina, Australia:

Like most people, I check my emails in the morning, my inbox papered with a combination of work requests, spam and news alerts.

But yesterday brought something different and deeply troubling. I checked a US Cybersecurity and Infrastructure Security Agency (CISA) advisory about a very devious piece of malware that had infected a network of computers.

The malware in question is Snake, a cyber espionage tool deployed by Russia’s Federal Security Service that has been around for 20 years.

According to CISA, the Snake implant is “the most sophisticated cyber espionage device designed and used by Center 16 of Russia’s Federal Security Service for long-term intelligence collection on sensitive targets”.

Sneaky snake

The Russian Federal Security Service developed the Snake network in 2003 for global cyber espionage operations against NATO, companies, research institutes, media organisations, financial services, government agencies and others.

So far, it has been detected on Windows, Linux and macOS computers in more than 50 countries, including Australia.

Elite Russian cyber espionage teams placed malware on a target’s computer, copied sensitive information of interest, and then sent it to Russia. It’s a simple concept, hidden in excellent technical design.

Since its creation, Russian cyber spies have regularly upgraded the Snake malware to avoid detection. The current version is clever in how it continually evades detection and defends itself.

In addition, the Snake network can disrupt the industrial control systems that manage our buildings, hospitals, energy systems, and water and wastewater systems, so the risks go beyond mere intelligence collection.

There are warnings that within a few years bad actors could gain the ability to hijack critical Australian infrastructure and cause unprecedented damage by interfering with its physical operation.

Snake hunting

On May 9, the US Department of Justice announced that the Federal Bureau of Investigation had finally disrupted the global peer-to-peer network of Snake-infected computers.

The covert network allowed infected computers to collect sensitive information. The Snake malware then hid that information through sophisticated encoding and sent it to its spy masters.

Because the Snake malware uses a custom communication protocol, its covert operations remained undetected for decades. You can think of a custom protocol as a way to transmit information so that it cannot be detected.

However, with Russia’s war in Ukraine and increased cyber security activity over the past few years, the FBI has increased its monitoring of Russian cyber threats.

While the Snake malware is an elegantly designed piece of code, it is complex and needs to be deployed properly to avoid detection. According to the Justice Department press release, the Russian cyber spies were careless in more than a few instances and did not deploy as designed.

As a result, the Americans discovered Snake and prepared a response.

Snake bites

The FBI received a court order to destroy Snake as part of an operation code-named Medusa.

They developed a tool called PERSEUS, which causes the Snake malware to disable itself, preventing further infection of that computer and of other computers. The PERSEUS tool and instruction guides are freely available for detection, patching and remediation.

The Justice Department advises that PERSEUS only blocks this malware on computers that are already infected; it does not patch vulnerabilities, or find and remove other malware, on those or any other computers.

Even though the Snake network has been disrupted, the department warns that weaknesses may still exist for users, who should follow safe cyber security hygiene practices.

Snake bite treatment

Fortunately, effective cyber security hygiene doesn’t have to be overly complicated. Microsoft has identified five activities that prevent 98% of cyber security attacks, whether you are at home or at work.

  1. Enable multi-factor authentication across all your online accounts and apps. This login process requires several steps, such as entering your password followed by a code received via an SMS message – or even a biometric fingerprint or secret question (Favourite drummer? Ringo!).

  2. Enforce “zero trust” principles. It is best practice to authenticate, authorise and continually validate all system users (internal and external) to ensure they have the right to access the system. Whether you are using computer systems at work or at home, the zero trust approach should be implemented.

  3. Use a modern anti-malware program. Anti-malware, also known as antivirus software, protects against and removes malware, large and small, from our systems.

  4. Keep up to date. Regular system and software updates not only help keep new applications secure, but also patch vulnerable areas of your system.

  5. Protect your data. Back up your important data, whether as a physical printout or on an external device disconnected from your network, such as an external drive or USB stick.

Like most Australians, I have been a victim of cyberbullying. And with the recent Optus data breach and the Woolworths MyDeal and Medibank attacks, people are realising how dire the consequences of these incidents can be.

We can expect malicious cyber attacks to increase in the future, and their impact will only become more severe. Snake malware is a sophisticated piece of software which creates another concern. But in this case, we have an antidote and can protect ourselves by actively following the above steps.

If you are concerned about Snake malware, you can read more here, or talk to the nice folks at your IT service desk.

Author: Greg Skulmoski, Associate Professor, Project Management, Bond University

Disclosure statement: Greg Skulmoski works for Bond University, and commentary on the news by its academics enhances Bond University’s reputation.

This article is republished from The Conversation under a Creative Commons licence. Read the original article.

(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)