New York Times Subscription
A Russian ransomware group whose leaders were indicted by the Justice Department in December is retaliating against the U.S. government, many of America’s largest companies and a major news organization, identifying employees working from home during the pandemic and attempting to get inside their networks with malware intended to cripple their operations.
Sophisticated new attacks by the hacking group — which the Treasury Department claims has at times worked for Russian intelligence — were identified in recent days by Symantec Corporation, a division of Broadcom, one of the many firms that monitors corporate and government networks.
In an urgent warning issued Thursday night, the company reported that Russian hackers had exploited the sudden change in American work habits to inject code into corporate networks with a speed and breadth not previously witnessed.
“Security firms have been accused of crying wolf, but what we have seen in the past few weeks is remarkable,” said Eric Chien, Symantec’s technical director, who was known as one of the engineers who first identified the Stuxnet code that the United States and Israel used to cripple Iran’s nuclear centrifuges a decade ago. “Right now this is all about making money, but the infrastructure they are deploying could be used to wipe out a lot of data — and not just at corporations.”