A Russia-linked cyber espionage ring exploited a flaw in Microsoft (NASDAQ:MSFT) Windows to spy on several high-profile targets, including NATO and the Ukrainian government, according to a report from a U.S. cyber intelligence firm.
ISight Partners says the hacking group utilized a “zero day” flaw that is present in all versions of Windows from Vista to 8.1 to prey on its targets, which also included European companies within the energy and telecommunications sectors.
ISight senior director Stephen Ward tells FOX Business that the company has been monitoring the cyber espionage ring – which it calls “Sandworm Team”, due to its references to science-fiction series “Dune” – since December 2013, and discovered the flaw in September. He says this particular group has been active since 2009.
According to Ward, various characteristics of the cyber espionage campaign suggest that the activity is state-sponsored.
The Ukrainian government was hit in late August leading up to the NATO Wales summit – which was called to discuss Russia’s actions in Ukraine – according to iSight. The cyber espionage ring used a technique called “spear-phishing” to send emails containing “weaponized” Microsoft Office documents to its targets, the report says. Once opened, the malicious attachment would give the hackers access to their computers.
Microsoft says it is rolling out a patch for the Windows flaw on Tuesday.
In an interview on Opening Bell with Maria Bartiromo on Tuesday, iSight Vice President Patrick McBride said the company is aware of specific targets in the United States linked to a Russian researcher at a university – he did not mention which university, however.
“The targeting could be much larger; we just don’t have visibility into all of it,” McBride said.